Commit Graph

66 Commits

Author SHA1 Message Date
Tommy
95f945b56f
Remove fsverity mention
Signed-off-by: Tommy <contact@tommytran.io>
2024-05-29 17:58:01 -07:00
Tommy
7db27f6074
security_opt expects =
Signed-off-by: Tommy <contact@tommytran.io>
2024-05-28 14:45:27 -07:00
Tommy
e7d1cff73d
Update kargs
Signed-off-by: Tommy <contact@tommytran.io>
2024-05-27 13:39:09 -07:00
friendly-rabbit-35
5049772a67
Remove provider description and reword other category descriptions (#235)
* Remove VPN provider description

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Reword description slightly

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Reword description slightly

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Reword description slightly

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Make various grammar changes

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Fix grammar

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Fix grammar

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Fix grammar

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

---------

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-05-25 03:13:23 +00:00
friendly-rabbit-35
9ef57f03e8
Fix more dead links on Desktop Linux Hardening page (#232)
* Fix dead links

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

* Remove outdated line about BT

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>

---------

Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
2024-05-17 16:56:15 -07:00
friendly-rabbit-35
2a0f8344d7
Fix dead links on Desktop Linux Hardening page (#228)
* Make various grammar and wording changes for improved clarity
* Fix dead link
---------

Signed-off-by: friendly-rabbit-35 <chariot-barbed-0v@icloud.com>
Signed-off-by: friendly-rabbit-35 <169707731+friendly-rabbit-35@users.noreply.github.com>
Signed-off-by: Tommy <contact@tommytran.io>
2024-05-16 16:03:26 -07:00
Tommy
d2f1ab85ba
Add --nosocket=session-bus and --nosocket=system-bus
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-24 23:30:05 -07:00
xyhhx
4ef5e890de
fix(linux/Docker and OCI Hardening): correction on no_new_privs option (#223) 2024-04-19 02:49:30 +00:00
Tommy
d824a1ccae
Instruction to disable XWayland
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-15 01:26:29 -07:00
Tommy
0c2cc614d0
Rename MicroOS to Aeon
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-15 00:32:10 -07:00
Tommy
fe158e7e04
Blacklist dconf dbus
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-13 22:16:41 -07:00
Tommy
81eb3f8dd0
Block org.gnome.Shell.Extensions
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-13 20:58:58 -07:00
Tommy
2526628d64
Add --no-talk-name=org.freedesktop.systemd1
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-02 17:51:23 -07:00
Tommy
07f018f614
Add --no-talk-name=org.freedesktop.Flatpak
Signed-off-by: Tommy <contact@tommytran.io>
2024-04-02 17:04:05 -07:00
Tommy
4776c3e812
Update hardened malloc info (#216)
* Update hardened malloc info

Signed-off-by: Tommy <contact@tommytran.io>

* Add link

Signed-off-by: Tommy <contact@tommytran.io>

---------

Signed-off-by: Tommy <contact@tommytran.io>
2024-03-24 23:30:19 -07:00
Tommy
34bb760d13
Remove extra_latent_entropy
Signed-off-by: Tommy <contact@tommytran.io>
2024-02-26 21:47:39 -07:00
Tommy
846933379b
Update kernel args
Signed-off-by: Tommy <contact@tommytran.io>
2024-02-09 19:47:36 -07:00
samsepi0l
c6964ecb07
Update GrapheneOS link (#207) 2024-01-31 08:10:09 -07:00
Tommy
0ce2ac190d
Disable 32 bit emulation
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-15 01:24:49 -07:00
Tommy
e5607c74c6
Update flatpak overrides
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-15 01:14:53 -07:00
Tommy
c817cfc4da
Update flatpak override recommendation
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-11 01:53:58 -07:00
Tommy
891bb0eaf6
Stop recommending Sway
Signed-off-by: Tommy <contact@tommytran.io>
2024-01-11 01:37:59 -07:00
samsepi0l
f1ddd0b892
Fix typos (#188) 2023-12-10 01:18:15 +00:00
Tommy
7c5c2081e1
Fix IOMMU kernel param
Signed-off-by: Tommy <contact@tommytran.io>
2023-12-05 16:36:50 -07:00
Tommy
82a9a6094e
Remove bluetooth kernel module
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-10 16:23:19 -07:00
Tommy
ece5edb4d3
Update Mailcow permission policy
Signed-off-by: Tommy <contact@tommytran.io>
2023-11-07 01:07:30 -07:00
Tommy
599b8317f2
Wording fix (#162)
* Wording fix

Signed-off-by: Tommy <contact@tommytran.io>
Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
2023-09-28 05:39:50 -07:00
Tommy
473bba3df3
Fix Firewalld bypass (#156)
* Update Desktop Linux Hardening.md

Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
Signed-off-by: Tommy <contact@tommytran.io>

---------

Signed-off-by: Tommy <contact@tommytran.io>
Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
2023-09-26 23:18:52 -07:00
Thien Tran
c162d22c35
Disable gzip compression for mailcow
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-08-25 15:28:59 -07:00
Tommy
950bf8ee1d
Pronoun fix
Signed-off-by: Tommy <contact@tommytran.io>
2023-08-16 06:10:34 -07:00
Tommy
8131129099
Mention Ubuntu Pro (#149)
Update Desktop Linux Hardening.md

Signed-off-by: Tommy <contact@tommytran.io>
2023-08-16 06:04:49 -07:00
Tommy
e14fb3e05a
Consistency fix
Signed-off-by: Tommy <contact@tommytran.io>
2023-08-16 04:12:33 -07:00
Tommy
0f9f94d2ce
Add upgrade-insecure-requests; 2023-08-15 17:09:44 -07:00
Thien Tran
f8fea8190a
Clarify the location of Chrony's EnvironmentFile
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-08-08 21:26:01 -07:00
Tommy
90dce6a30b
Update Chrony configurations 2023-08-08 21:08:20 -07:00
Tommy
7226a9c72f
Update file path for Proxmox 8 2023-07-26 15:00:38 -07:00
Tommy
901bb89f66
Mention that /etc/apt/sources.list.d/* should be 644 (#138)
* Update Desktop Linux Hardening.md

Signed-off-by: Tommy <contact@tommytran.io>
2023-06-30 03:32:49 -07:00
Tommy
d7a8bd7849
Secure Time Synchronization on macOS (#139)
Signed-off-by: Tommy <contact@tommytran.io>
2023-06-25 10:16:31 -07:00
Thien Tran
0a1d5a899e
Typo Fixes
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-13 02:57:28 -07:00
Thien Tran
2090622bbc
/var/lib/zypp/AnonymousUniqueId should be emptied
Signed-off-by: Thien Tran <contact@tommytran.io>
2023-06-13 02:53:54 -07:00
Tommy
b4597888c7
Mention fancy snap packages (#127) 2023-06-06 08:35:37 +00:00
Reflux0301
e29398c5bb
Change to dropbear-initramfs (#126)
Dropbear is an SSH client, but since Proxmox is Debian-based, this requires dropbear-initramfs

Signed-off-by: Reflux0301 <130855216+Reflux0301@users.noreply.github.com>
2023-06-03 18:17:54 -07:00
Tommy
f343fc98c4
Typo fix (#124)
Signed-off-by: Tommy <contact@tommytran.io>
2023-05-17 12:15:01 -07:00
samsepi0l
2af22036b8
Fix CSP for SOGo (#122)
Signed-off-by: samsepi0l <contact@simpleprivacy.fr>
2023-05-02 03:39:34 -04:00
Tommy
a93e35a979
Update Cipher configuration (#118)
Signed-off-by: Tommy <contact@tommytran.io>
2023-04-15 05:57:23 -04:00
Rusty Process
0a1bd622ee
Fix Boot Parameters (#117) 2023-04-15 05:51:28 -04:00
Tommy
cea952ae7e
Delete rpool/copyroot dataset
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-12 15:01:23 -04:00
Tommy
6edffffc85
Proxmox ZFS Native Encryption Post (#114)
* Proxmox ZFS Native Encryption Post

Signed-off-by: Tommy <contact@tommytran.io>
2023-03-12 10:06:35 -04:00
Tommy
3a3288a141
Rename file
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-11 11:28:06 -05:00
Tommy
9bbe003b35
Multiple fixes to Linux posts (#111)
* Multiple fixes to Linux posts

Co-authored-by: wj25czxj47bu6q <96372288+wj25czxj47bu6q@users.noreply.github.com>
Signed-off-by: Tommy <contact@tommytran.io>
2023-03-06 06:21:54 -05:00