Updated documentation

arcanedev 2022-05-21 23:50:53 +00:00
parent 72a9ac1c6b
commit 78a45c02a1
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0

@ -26,15 +26,15 @@
- https://docs.clip-os.org/clipos/kernel.html
- https://github.com/anthraxx/linux-hardened
- https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project
- https://notabug.org/anonymous-lestat/Void-Hardened-Kernel
- https://notabug.org/anonymous-lestat/Void-Hardened-Kernel
- https://madaidans-insecurities.github.io/guides/linux-hardening.html#kernel
### Trimming Efforts
- While linux-hardened security patchsets along with kernel configurations are notable for this kernel project, the core purpose was to practice minimalism by reducing the size of the linux kernel, thereby cutting attack surface. This is not a trivial thing to record, therefore we are displaying the size purely as a point of comparison.
- While linux-hardened security patchsets along with kernel configurations are notable for this kernel project, the core purpose was to practice minimalism by reducing the size of the linux kernel, thereby cutting attack surface. This is not a trivial thing to record, therefore we are displaying the size purely as a point of comparison.
| |PlagueOS (plague-kernel) |Whonix (LTS)|
|--- | --- | ---|
|Size (compressed)|159.8 MB |285.6 MB|
|Size (compressed)|159.2 MB |285.6 MB|
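Review bot: The "Size (compressed)" row changes the PlagueOS figure from 159.8 MB to 159.2 MB but still does not say what was measured or for which kernel versions, so neither that figure nor the 285.6 MB Whonix figure can be reproduced. Since the paragraph above the table already says size "is not a trivial thing to record", add the kernel version for each column and the artifact or command used to obtain the number. The Void-Hardened-Kernel link and the Trimming Efforts paragraph also appear twice with identical text in this hunk, which suggests whitespace-only changes; consider leaving those out of a documentation commit to keep the diff readable.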
@ -191,6 +191,7 @@ CONFIG_VIDEO_VIVID | is not set | my | cut_atta
CONFIG_INPUT_EVBUG | is not set | my | cut_attack_surface | OK
CONFIG_INTEGRITY | y |defconfig |userspace_hardening | OK
CONFIG_ARCH_MMAP_RND_BITS | 32 | clipos |userspace_hardening | OK
CONFIG_IP_SCTP | is not set | my | cut_attack_surface | OK
#### Fails
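Review bot: The new `CONFIG_IP_SCTP | is not set | my | cut_attack_surface | OK` row is appended after `CONFIG_ARCH_MMAP_RND_BITS`, a userspace_hardening row, instead of sitting with the other cut_attack_surface rows such as `CONFIG_INPUT_EVBUG`. If this listing is pasted checker output, regenerate the whole block from the current config rather than moving a row by hand, so that row order and results match what the tool actually prints.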
@ -212,7 +213,6 @@ CONFIG_VT | is not set |maintainer| cut_atta
CONFIG_MAGIC_SYSRQ | is not set | clipos | cut_attack_surface | FAIL: "y"
CONFIG_X86_CPUID | is not set | clipos | cut_attack_surface | FAIL: "m"
CONFIG_BPF_SYSCALL | is not set | lockdown | cut_attack_surface | FAIL: "y"
CONFIG_IP_SCTP | is not set | my | cut_attack_surface | FAIL: "m"
```
Totals: 'OK' - 147 / 'FAIL' - 17
Totals: 'OK' - 148 / 'FAIL' - 16
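Review bot: The totals move to 'OK' - 148 / 'FAIL' - 16 and the `CONFIG_IP_SCTP` row with `FAIL: "m"` is dropped, but the visible diff only touches documentation, so nothing here shows that the kernel config actually stopped building SCTP as a module. Reference the commit that changed the config in the commit message, or land both changes together. It would also help to state next to the remaining failures shown here (`CONFIG_MAGIC_SYSRQ`, `CONFIG_X86_CPUID`, `CONFIG_BPF_SYSCALL`) whether each is an accepted deviation or still to be fixed.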