From ccaf89bdf828b21ccc64aaf38dd81ab4bb479af1 Mon Sep 17 00:00:00 2001 From: tasket Date: Tue, 14 Mar 2017 22:03:31 -0400 Subject: [PATCH] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 9062f81..d3d8432 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,6 @@ # Qubes-VM-hardening Files for enhancing Qubes VM security and privacy + +## rc.local: Protect sh and bash init files + +Placed in /etc/rc.local of a template VM, this makes the shell init files immutable so PATH and alias cannot be used to hijack commands like su and sudo. I combed the dash and bash docs to address all the user-writable files. Feel free to comment or create issue if you see an omission or other problem.