Commit Graph

39 Commits

Author SHA1 Message Date
friendly-rabbit-35
2cca75ed85
Update link to kernel module config (again) (#271)
Update link to secureblue's kmod blacklist

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-08-10 04:59:44 -07:00
Tommy
00a5265e14
Clean up Secure Boot section (#265)
* Clean up Secure Boot section

Signed-off-by: Tommy <contact@tommytran.io>

---------

Signed-off-by: Tommy <contact@tommytran.io>
2024-07-29 11:16:54 -07:00
Friendly Rabbit
c2b3c19872
Update link to kernel module config (#262)
Update link to secureblue's kmod blacklist

Signed-off-by: Friendly Rabbit <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-07-21 19:00:02 -07:00
Tommy
9604aed927
Remove Ubuntu USG mention (#250)
* Remove Ubuntu Pro mention

Signed-off-by: Tommy <contact@tommytran.io>

* Remove USG

---------

Signed-off-by: Tommy <contact@tommytran.io>
2024-06-26 09:52:17 -07:00
friendly-rabbit-35
1ceabea0fc
Update kernel module blacklisting recommendation (#255)
* Replace Kicksecure kmod blacklist with secureblue's and move disclaimer about Kicksecure morphing

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-06-16 21:40:37 -07:00
friendly-rabbit-35
cbe365251d
Remove link to archived Kicksecure repository for AppArmor profiles (#254)
* Remove link to deprecated Kicksecure AppArmor profile repo

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Add apparmor.d mention as a reference

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Remove mentions of Whonix sandboxed app launcher and AppArmor profiles

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

---------

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-06-16 15:49:53 -07:00
Tommy
7f75180bfc
Update sysctl settings recommendations (#251)
* Update sysctl settings recommendations
* Update author names

Signed-off-by: Tommy <contact@tommytran.io>
Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
2024-06-16 13:47:54 -07:00
Tommy
6f6b9b5c16
Update hardened_malloc information (#249)
* Update hardened_malloc information

Signed-off-by: Tommy <contact@tommytran.io>
Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
2024-06-16 13:38:37 -07:00
Tommy
e7d1cff73d
Update kargs
Signed-off-by: Tommy <contact@tommytran.io>
2024-05-27 13:39:09 -07:00
friendly-rabbit-35
9ef57f03e8
Fix more dead links on Desktop Linux Hardening page (#232)
* Fix dead links

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Remove outdated line about BT

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

---------

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-05-17 16:56:15 -07:00
friendly-rabbit-35
2a0f8344d7
Fix dead links on Desktop Linux Hardening page (#228)
* Make various grammar and wording changes for improved clarity
* Fix dead link
---------

Signed-off-by: friendly-rabbit-35 <chariot-barbed-0v@icloud.com>
Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
Signed-off-by: Tommy <contact@tommytran.io>
2024-05-16 16:03:26 -07:00
Tommy
d2f1ab85ba
Add --nosocket=session-bus and --nosocket=system-bus
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-24 23:30:05 -07:00
Tommy
d824a1ccae
Instruction to disable XWayland
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-15 01:26:29 -07:00
Tommy
fe158e7e04
Blacklist dconf dbus
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-13 22:16:41 -07:00
Tommy
81eb3f8dd0
Block org.gnome.Shell.Extensions
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-13 20:58:58 -07:00
Tommy
2526628d64
Add --no-talk-name=org.freedesktop.systemd1
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-02 17:51:23 -07:00
Tommy
07f018f614
Add --no-talk-name=org.freedesktop.Flatpak
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-02 17:04:05 -07:00
Tommy
4776c3e812
Update hardened malloc info (#216)
* Update hardened malloc info

Signed-off-by: Tommy <contact@tommytran.io>

* Add link

Signed-off-by: Tommy <contact@tommytran.io>

---------

Signed-off-by: Tommy <contact@tommytran.io>
2024-03-24 23:30:19 -07:00
Tommy
34bb760d13
Remove extra_latent_entropy
Signed-off-by: Tommy <contact@tommytran.io>
2024-02-26 21:47:39 -07:00
Tommy
846933379b
Update kernel args
Signed-off-by: Tommy <contact@tommytran.io>
2024-02-09 19:47:36 -07:00
Tommy
0ce2ac190d
Disable 32 bit emulation
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-15 01:24:49 -07:00
Tommy
e5607c74c6
Update flatpak overrides
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-15 01:14:53 -07:00
Tommy
c817cfc4da
Update flatpak override recommendation
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-11 01:53:58 -07:00
samsepi0l
f1ddd0b892
Fix typos (#188) 2023-12-10 01:18:15 +00:00
Tommy
7c5c2081e1
Fix IOMMU kernel param
Signed-off-by: Tommy <contact@tommytran.io>
2023-12-05 16:36:50 -07:00
Tommy
82a9a6094e
Remove bluetooth kernel module
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-10 16:23:19 -07:00
Tommy
599b8317f2
Wording fix (#162)
* Wording fix

Signed-off-by: Tommy <contact@tommytran.io>
Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
2023-09-28 05:39:50 -07:00
Tommy
473bba3df3
Fix Firewalld bypass (#156)
* Update Desktop Linux Hardening.md

Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
Signed-off-by: Tommy <contact@tommytran.io>

---------

Signed-off-by: Tommy <contact@tommytran.io>
Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
2023-09-26 23:18:52 -07:00
Tommy
950bf8ee1d
Pronoun fix
Signed-off-by: Tommy <contact@tommytran.io>
2023-08-16 06:10:34 -07:00
Tommy
8131129099
Mention Ubuntu Pro (#149)
Update Desktop Linux Hardening.md

Signed-off-by: Tommy <contact@tommytran.io>
2023-08-16 06:04:49 -07:00
Thien Tran
f8fea8190a
Clarify the location of Chrony's EnvironmentFile
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-08-08 21:26:01 -07:00
Tommy
90dce6a30b
Update Chrony configurations 2023-08-08 21:08:20 -07:00
Tommy
901bb89f66
Mention that /etc/apt/sources.list.d/* should be 644 (#138)
* Update Desktop Linux Hardening.md

Signed-off-by: Tommy <contact@tommytran.io>
2023-06-30 03:32:49 -07:00
Tommy
d7a8bd7849
Secure Time Synchronization on macOS (#139)
Signed-off-by: Tommy <contact@tommytran.io>
2023-06-25 10:16:31 -07:00
Thien Tran
0a1d5a899e
Typo Fixes
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-13 02:57:28 -07:00
Thien Tran
2090622bbc
/var/lib/zypp/AnonymousUniqueId should be emptied
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-13 02:53:54 -07:00
Tommy
b4597888c7
Mention fancy snap packages (#127) 2023-06-06 08:35:37 +00:00
Rusty Process
0a1bd622ee
Fix Boot Parameters (#117) 2023-04-15 05:51:28 -04:00
Tommy
3a3288a141
Rename file
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-11 11:28:06 -05:00