Merge remote-tracking branch 'origin/master'

This commit is contained in:
Patrick Schleizer 2020-02-17 03:17:11 -05:00
commit 221000db5b
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
2 changed files with 8 additions and 0 deletions

2
debian/control vendored
View File

@ -136,6 +136,8 @@ Description: enhances misc security settings
* https://twitter.com/pid_eins/status/1149649806056280069
* For more references, see:
* /etc/default/grub.d/40_distrust_cpu.cfg
.
* Gathers more entropy during boot if using the linux-hardened kernel patch.
.
Uncommon network protocols are blacklisted:
These are rarely used and may have unknown vulnerabilities.

View File

@ -53,3 +53,9 @@ fi
#if dpkg --compare-versions "${kver}" ge "5.4"; then
# GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX lockdown=confidentiality"
#fi
## Gather more entropy during boot.
##
## Requires linux-hardened kernel patch.
## https://github.com/anthraxx/linux-hardened
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX extra_latent_entropy"