Patrick Schleizer 2020-03-03 09:18:38 -05:00
parent cd19c2da00
commit 1dea4dbcf6
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48

@ -76,10 +76,10 @@ https://en.wikipedia.org/wiki/Bluetooth#History_of_security_concerns
* A systemd service restricts `/proc/cpuinfo`, `/proc/bus`, `/proc/scsi` and * A systemd service restricts `/proc/cpuinfo`, `/proc/bus`, `/proc/scsi` and
`/sys` to the root user only. This hides a lot of hardware identifiers from `/sys` to the root user only. This hides a lot of hardware identifiers from
unprivileged users and increases security as `/sys` exposes a lot of information unprivileged users and increases security as `/sys` exposes a lot of
that shouldn't be accessible to unprivileged users. As this will break many information that shouldn't be accessible to unprivileged users. As this will
things, it is disabled by default and can optionally be enabled by running break many things, it is disabled by default and can optionally be enabled by
`systemctl enable hide-hardware-info.service` as root. running `systemctl enable hide-hardware-info.service` as root.
`/usr/lib/security-misc/hide-hardware-info` `/usr/lib/security-misc/hide-hardware-info`
`/lib/systemd/system/hide-hardware-info.service` `/lib/systemd/system/hide-hardware-info.service`
`/lib/systemd/system/user@.service.d/sysfs.conf` `/lib/systemd/system/user@.service.d/sysfs.conf`
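
Review bot: The re-wrapped sentence "As this will break many things, it is disabled by default" still does not say what breaks, so a reader cannot judge whether enabling `hide-hardware-info.service` is acceptable on their system; since the paragraph is being touched anyway, consider naming the known breakage or pointing to where it is tracked. The same sentence gives `systemctl enable hide-hardware-info.service` as the way to turn the restriction on, and `systemctl enable` on its own only arranges for the unit to start at boot, so the text should say whether a reboot (or `--now`) is expected before `/proc/cpuinfo`, `/proc/bus`, `/proc/scsi` and `/sys` are actually restricted. The three paths listed at the end of the item, in particular `/lib/systemd/system/user@.service.d/sysfs.conf`, are given without explanation; a few words on what that drop-in does for user sessions would help readers who audit the change.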