Commit Graph

89 Commits

Author SHA1 Message Date
Andrew David Wong
e67088f3bd
Revert "attacker emailing himself" sentence for clarity 2017-10-26 21:29:16 -05:00
Andrew David Wong
7af0784363
Merge branch 'patch-24' of https://github.com/stubbybubby/qubes-doc into stubbybubby-patch-24 2017-10-26 21:21:12 -05:00
Robin Schneider
8ef2335394
Fix root shell PS1 in security/split-gpg
The first command invokes a `bash` shell with elevated rights. The `echo`
file redirection would not work as normal `user`.
2017-10-09 22:17:07 +02:00
Andrew David Wong
99fdbf29b4
Update examples from fedora-24 to fedora-25 2017-07-29 21:21:25 -05:00
Christopher Laprise
b27f90d74f
Fix auth for 'su' command 2017-07-12 15:07:13 -04:00
Dean V
f572f00826 Edit + Disagreement
Did some prosaic editing:
* Removed unnecessary parentheses
* Shortened long sentences
* Wording changes.
* Removed restatements of earlier sentences
Also, this document made the following error about cooperative covert leaking channels in Qubes OS:

> It is likely that the only way to **fully protect against leaks of type 1** and 2 is to either pause or shut down all other VMs while performing sensitive operations in the target VM(s) (such as key generation).

This is wrong. Closing the other VMs while performing such important activities does nothing to stop leaks in type 1, assuming you turn the other VMs back on at some point. The (presumably compromised) AppVM in question can easily write the information it needs to leak down until the other Qubes come back online. Inserted a new sentence clarifying this.
2017-05-17 19:54:15 -07:00
fortasse
8f8384c6e9 Fix redirect loop in /doc/firewall/ 2017-05-13 21:09:39 -04:00
Marek Marczykowski-Górecki
1e5bdb770a
Merge remote-tracking branch 'origin/pr/408' into https
* origin/pr/408:
  Update firewall.md
2017-05-06 23:38:03 +02:00
InstantGratimification
66b604ea5a Update firewall.md 2017-05-03 15:11:44 +00:00
InstantGratimification
b3dcea40a8 http -> https + blogspot -> https://blog.invisiblethings.org 2017-05-03 14:49:41 +00:00
InstantGratimification
053164de28 Update anti-evil-maid.md 2017-05-03 10:04:52 +00:00
stubbybubby
469ca0c5e2 Revert previous commit
That was weird. Iw as sure they were dead links.
2017-04-17 17:11:51 -07:00
stubbybubby
23726eb505 Remove dead links
Removed some dead links in the introduction.
2017-04-16 19:33:19 -07:00
stubbybubby
44f8c8eb7c Edit expose-like-effect part
Updated the paragraphs to reflect the current desktop environment of QubesOS.
2017-04-16 16:55:38 -07:00
stubbybubby
848ee837e8 Modified introduction
Removed the reference to the original older qubesos introduction and made the introduction of this article a standalone statement.
2017-04-16 15:20:21 -07:00
stubbybubby
7569cf3b95 Add disclaimer and clarifications about signatures
Wrote a paragraph or two about verifying the QubesOS ISO signature and wrote a disclaimer that Qubes does not automatically verify external downloads not coming from its own repositories.
2017-04-16 15:09:04 -07:00
stubbybubby
824618d805 Edit/Rewrite security-guidelines.md
A few content changes, read over them to see if you like them:
* A few sentences were reworded so that end users could understand them better, without sacrificing detail. 
* Sometimes more detail was added to give context to sentences or to make them more accurate.
* New sentences were added to help transitions in thought.
* New sentences were added to provide reasoning to earlier instructions so that the reader knew why they were important.

None of these content changes were particularly extensive or clashed with the original paper but they do change the meaning a bit, so I thought it important to document them.

Other changes:
* Subject-verb agreement
* Corrected some parentheses placements
* Misc. Grammar Fixes
* Inserted forgotten commas and periods
* Word variation
* Rework on some sentences that had really roundabout ways of saying things

In addition to my PR being a big edit, it is also on an important document. I have looked over my changes well and I know you will too. Reply if anything needs fixing/changing in the PR.

I have more changes that I want to add, but I figured I had edited the document enough already and if I added anythign else or made more extensive modifications it might be hard to tell what exactly I did.
2017-04-15 22:34:37 -07:00
ddcrjlalumiere
b8bac33169 Directly link to HCL 2017-03-21 15:54:32 -04:00
Andrew David Wong
8ab0a855bd
Reorganize security info pages 2017-03-18 19:31:12 -07:00
Michael Carbone
a8af17352c made more clear dom0 vs template commands
based on user error/feedback at training
2017-01-26 17:42:49 -05:00
Andrew David Wong
740b138532
AEM known issue: incompatible with SSD cache 2017-01-03 13:39:04 -08:00
Andrew David Wong
658e02cc50
Update Xen bug count in sudoers comment
Closes QubesOS/qubes-issues#2480
2016-12-04 16:30:33 -08:00
Andrew David Wong
3918733e29
Fix broken link 2016-11-30 20:22:05 -08:00
Andrew David Wong
8cd05ef837
Fix code block formatting
https://github.com/QubesOS/qubes-doc/pull/228#issuecomment-263232368
2016-11-28 02:35:21 -08:00
Andrew David Wong
5e107f5fa0
Merge branch 'patch-8' of https://github.com/tasket/qubes-doc into tasket-patch-8 2016-11-27 16:27:57 -08:00
tasket
76ecc09a9d Update vm-sudo.md
Specify service actions instead of globbing.
2016-11-26 21:38:48 -05:00
Andrew David Wong
fbcf95e21c
Move project security pages to separate directory 2016-11-26 02:12:28 -08:00
Andrew David Wong
ab10f7fb60
Update Fedora version number in examples 2016-11-23 15:38:09 -08:00
Andrew David Wong
b5aaccb4f3
Update qubes-secpack page
* Replace "QSP" with "qubes-secpack"
  (We should only have one official short name for it.)
* Note that the repo itself is independent of the host
  (currently GitHub)
* Minor text cleanup
2016-11-22 14:33:56 -08:00
Andrew David Wong
740aa6d4a4
Add QSB 27 2016-11-22 06:00:21 -08:00
tasket
5dd89f912d Additional step for Whonix
Per this discussion, https://forums.whonix.org/t/fixing-whonix-boot-issue-after-securing-qubes-root-auth/3155/8

Whonix executes sudo commands in non-root startup scripts which causes pop-up auth prompts to appear while Whonix VMs are starting. The problem is partly due to sudo parsing sudoers.d entries in alphabetical order, and some later configs cause earlier ones to get overridden. Adding the right permissions to a lexically 'last' filename resolves the issue.
2016-11-22 05:34:48 -05:00
unman
ccbb26f5cc Correct typo in vm-sudo.md 2016-11-15 20:55:29 +00:00
Andrew David Wong
2d07f7831c
Change "/doc/qubes-firewall/" to "/doc/firewall/" 2016-11-12 12:39:24 -08:00
Andrew David Wong
28aee1d10f
Fix link and clean up text 2016-11-09 14:54:09 -08:00
unman
321e2da1cb Update qubes-firewall.md-include limit on iptables
QubesOS/qubes-issues#1570 refers
2016-11-08 18:15:36 +00:00
Andrew David Wong
37b9e3c361 Rewrite to avoid pronouns entirely 2016-10-20 16:15:31 -07:00
Michael Carbone
2b65809ad3 removed gendered language 2016-10-20 19:28:12 +02:00
Marek Marczykowski-Górecki
e02030119e
Fix internal links 2016-09-25 01:25:34 +02:00
Andrew David Wong
d3f1a13718
Add QSB 26 2016-09-21 10:56:55 -07:00
Andrew David Wong
3a9cbd7b8a
Add QSB 25 2016-09-17 14:00:55 -07:00
Andrew David Wong
55aa8be670
Strengthen disclaimer; clean up text and formatting 2016-08-26 23:58:02 -07:00
Andrew David Wong
5cacc4aa71
Merge branch 'master' of git://github.com/crat0z/qubes-doc into crat0z-master 2016-08-26 23:51:57 -07:00
John Bernard
45b2ccc7b0 Fix broken link
The URL https://www.networkworld.com/news/2007/080207-black-hat-virtual-machine-rootkit-detection.html is a broken link -- presenting an error "Page not found" upon request. However, there exists an archive of this article on archive.org, and I have updated the URL to point to the archive.
2016-08-15 11:50:11 -05:00
crat0z
4e4ecad0be Add Dom0 prompt for root in Debian/Whonix VMs 2016-08-08 16:47:35 -04:00
Andrew David Wong
4f5adaf94d
Provide location of XML file containing firewall rules 2016-07-30 16:55:25 -07:00
xloem
8b488234eb Fix for #2206 2016-07-29 19:56:25 +00:00
Andrew David Wong
4e745b374e
Add QSB 24 to Security Bulletins page 2016-07-27 13:49:58 -07:00
Andrew David Wong
859af9be03
Fix formatting and orthography 2016-07-21 15:09:30 -07:00
clayton
e259037ec3 more /rw/config/ script tweaks 2016-07-20 20:26:17 +08:00
clayton
c44b8a13c9 Add a specific note about where to put iptables in /rw/config/ 2016-07-19 20:09:06 +08:00