Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-13 03:19:25 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source
This commit is contained in:
Patrick Schleizer 2019-08-16 10:36:43 -04:00
commit 5754671c46
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
debian/control vendored
View File

@ -72,7 +72,10 @@ Description: enhances misc security settings
* The kernel now panics on oopses to prevent it from continuing running a
flawed process.
.
Requires every module to be signed before being loaded. Any module that is
* Bluetooth is blacklisted to reduce attack surface. Bluetooth also has
a history of [security concerns](https://en.wikipedia.org/wiki/Bluetooth#History_of_security_concerns).
.
* Requires every module to be signed before being loaded. Any module that is
unsigned or signed with an invalid key cannot be loaded. This makes it harder
to load a malicious module.
/etc/default/grub.d/40_only_allow_signed_modules.cfg

3
etc/modprobe.d/blacklist-bluetooth.conf Normal file
View File

@ -0,0 +1,3 @@
# Blacklists bluetooth.
install bluetooth /bin/true
install btusb /bin/true