From 24b326d906375bb543b936936519231f51154dcd Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Mon, 8 Jul 2019 23:24:41 +0000
Subject: [PATCH] Update control

---
 debian/control | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/debian/control b/debian/control
index b7198b0..59ba659 100644
--- a/debian/control
+++ b/debian/control
@@ -25,6 +25,8 @@ Description: enhances misc security settings
  deactivates Netfilter's connection tracking helper;
  implements some kernel hardening;
  prevents DMA attacks;
+ restricts access to the root account;
+ increases the amount of hashing rounds used by shadow;
  .
  TCP time stamps (RFC 1323) allow for tracking clock
  information with millisecond resolution. This may or may not allow an
@@ -118,3 +120,11 @@ Description: enhances misc security settings
  .
  The default umask is changed to 006. This allows only the owner and group to
  read and write to newly created files.
+ .
+ Su is restricted to only users within the root group which prevents users from
+ using su to gain root access or switch user accounts.
+ .
+ Logging into the root account from a terminal is prevented.
+ .
+ The amount of hashing rounds used by shadow is bumped to 65536. This increases
+ the security of hashed passwords.