From 011e55e3e52485ccd728b4bb249efbc816f38806 Mon Sep 17 00:00:00 2001 From: Patrick Schleizer Date: Wed, 17 Jan 2024 13:45:17 -0500 Subject: [PATCH] remove duplicates after usrmerge https://github.com/Kicksecure/security-misc/issues/190 --- etc/permission-hardener.d/30_default.conf | 7 ------- 1 file changed, 7 deletions(-) diff --git a/etc/permission-hardener.d/30_default.conf b/etc/permission-hardener.d/30_default.conf index f1ec473..5db32b2 100644 --- a/etc/permission-hardener.d/30_default.conf +++ b/etc/permission-hardener.d/30_default.conf @@ -37,13 +37,11 @@ ## In case you need to use 'su'. See also: ## https://www.kicksecure.com/wiki/root#su #/usr/bin/su exactwhitelist -#/usr/bin/su exactwhitelist ## https://manpages.debian.org/xserver-xorg-legacy/Xorg.wrap.1.en.html ## https://lwn.net/Articles/590315/ ## https://forums.whonix.org/t/suid-disabler-and-permission-hardener/7706/35 #/usr/lib/xorg/Xorg.wrap whitelist -#/usr/lib/xorg/Xorg.wrap whitelist ###################################################################### # SUID whitelist matches in any section of the path: matchwhitelist @@ -93,25 +91,20 @@ ## ## Remove all SUID/SGID binaries/libraries. -/usr/bin/ nosuid /usr/local/bin/ nosuid /usr/bin/ nosuid /usr/local/usr/bin/ nosuid -/usr/sbin/ nosuid /usr/local/sbin/ nosuid /usr/sbin/ nosuid /usr/local/usr/sbin/ nosuid -/usr/lib/ nosuid /usr/local/lib/ nosuid -/usr/lib32/ nosuid /usr/local/lib32/ nosuid -/usr/lib64/ nosuid /usr/local/lib64/ nosuid /usr/lib/ nosuid