mirror of
https://github.com/tasket/Qubes-VM-hardening.git
synced 2025-03-06 13:45:52 -05:00
421 B
421 B
Qubes-VM-hardening
Files for enhancing Qubes VM security and privacy
rc.local: Protect sh and bash init files
Placed in /etc/rc.local of a template VM, this makes the shell init files immutable so PATH and alias cannot be used to hijack commands like su and sudo. I combed the dash and bash docs to address all the user-writable files. Feel free to comment or create issue if you see an omission or other problem.