mirror of
https://github.com/tasket/Qubes-VM-hardening.git
synced 2024-10-01 06:35:42 -04:00
21 lines
666 B
Bash
21 lines
666 B
Bash
#!/bin/sh -e
|
|
# Debian: /etc/rc.local
|
|
|
|
#########################################################
|
|
## Protect sh, bash, X and desktop init scripts ##
|
|
## to prevent privilege escalation attacks ##
|
|
## and malware persistence - for Qubes Linux templates ##
|
|
chfiles=".bashrc .bash_profile .bash_login .bash_logout .profile \
|
|
.xprofile .xinitrc .xserverrc .xsession"
|
|
chdirs="bin .config/autostart .config/plasma-workspace/env \
|
|
.config/plasma-workspace/shutdown .config/autostart-scripts"
|
|
|
|
cd /home/user
|
|
mkdir -p $chdirs ||true
|
|
touch $chfiles || true
|
|
chattr -R -f +i $chfiles $chdirs || true
|
|
#touch /home/user/FIXED || true
|
|
|
|
# end of script
|
|
exit 0
|