Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-13 20:49:30 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'github/master'

Browse Source
This commit is contained in:
Patrick Schleizer 2021-03-01 09:12:18 -05:00
commit 3382192b89
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
2 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
etc/hide-hardware-info.d/30_default.conf
View File

@ -6,3 +6,6 @@
## Disable the /proc/cpuinfo whitelist. ## Disable the /proc/cpuinfo whitelist.
#cpuinfo_whitelist=0 #cpuinfo_whitelist=0
## Disable selinux mode.
#selinux=0

14
usr/lib/security-misc/hide-hardware-info
View File

@ -7,6 +7,7 @@ set -e
sysfs_whitelist=1 sysfs_whitelist=1
cpuinfo_whitelist=1 cpuinfo_whitelist=1
selinux=1
shopt -s nullglob shopt -s nullglob
@ -76,3 +77,16 @@ do
fi fi
fi fi
done done
## on SELinux systems, at least /sys/fs/selinux
## must be visible to unprivileged users, else
## SELinux userspace utilities will not function
## properly
if [ -d /sys/fs/selinux ]; then
if [ "${selinux}" = "1" ]; then
chmod o+rx /sys /sys/fs /sys/fs/selinux
echo "INFO: SELinux mode enabled. Restrictions loosened slightly in order to allow userspace utilities to function."
else
echo "INFO: SELinux detected, but SELinux mode is not enabled. Some userspace utilities may not work properly."
fi
fi