mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-12-25 11:39:25 -05:00
Merge pull request #20 from madaidan/patch-15
Blacklist HDLC and use "install" for blacklisting firewire/thunderbolt
This commit is contained in:
commit
649878fdcb
2
debian/control
vendored
2
debian/control
vendored
@ -95,7 +95,7 @@ Description: enhances misc security settings
|
||||
.
|
||||
All mitigations for the MDS vulnerability are enabled.
|
||||
.
|
||||
DCCP, SCTP, TIPC and RDS are blacklisted as they are rarely used and may have
|
||||
DCCP, SCTP, TIPC, RDS and HDLC are blacklisted as they are rarely used and may have
|
||||
unknown vulnerabilities.
|
||||
.
|
||||
The kernel logs are restricted to root only.
|
||||
|
@ -1,3 +1,3 @@
|
||||
# Blacklist thunderbolt and firewire to prevent some DMA attacks.
|
||||
blacklist firewire-core
|
||||
blacklist thunderbolt
|
||||
install firewire-core /bin/true
|
||||
install thunderbolt /bin/true
|
||||
|
@ -3,3 +3,4 @@ install dccp /bin/true
|
||||
install sctp /bin/true
|
||||
install rds /bin/true
|
||||
install tipc /bin/true
|
||||
install n-hdlc /bin/true
|
||||
|
Loading…
Reference in New Issue
Block a user