mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-12-26 15:39:31 -05:00
description
This commit is contained in:
parent
0ae3e689b5
commit
24ea70384b
9
debian/control
vendored
9
debian/control
vendored
@ -217,6 +217,15 @@ Description: enhances misc security settings
|
|||||||
debian/security-misc.postinst
|
debian/security-misc.postinst
|
||||||
/usr/lib/security-misc/permission-lockdown
|
/usr/lib/security-misc/permission-lockdown
|
||||||
/usr/share/pam-configs/mkhomedir-security-misc
|
/usr/share/pam-configs/mkhomedir-security-misc
|
||||||
|
.
|
||||||
|
* SUID / GUID removal and permission hardening.
|
||||||
|
A systemd service removed SUID / GUID from non-essential binaries as these are
|
||||||
|
often used in privilege escalation attacks.
|
||||||
|
It is disabled by default for now during testing and can optionally be enabled
|
||||||
|
by running `systemctl enable permission-hardening.service` as root.
|
||||||
|
/usr/lib/security-misc/permission-hardening
|
||||||
|
/lib/systemd/system/permission-hardening.service
|
||||||
|
/etc/permission-hardening.d/30_default.conf
|
||||||
.
|
.
|
||||||
access rights relaxations:
|
access rights relaxations:
|
||||||
.
|
.
|
||||||
|
Loading…
Reference in New Issue
Block a user