mirror of
https://github.com/Kicksecure/security-misc.git
synced 2025-05-09 13:34:57 -04:00
Merge pull request #20 from madaidan/patch-15
Blacklist HDLC and use "install" for blacklisting firewire/thunderbolt
This commit is contained in:
commit
649878fdcb
3 changed files with 4 additions and 3 deletions
2
debian/control
vendored
2
debian/control
vendored
|
@ -95,7 +95,7 @@ Description: enhances misc security settings
|
|||
.
|
||||
All mitigations for the MDS vulnerability are enabled.
|
||||
.
|
||||
DCCP, SCTP, TIPC and RDS are blacklisted as they are rarely used and may have
|
||||
DCCP, SCTP, TIPC, RDS and HDLC are blacklisted as they are rarely used and may have
|
||||
unknown vulnerabilities.
|
||||
.
|
||||
The kernel logs are restricted to root only.
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
# Blacklist thunderbolt and firewire to prevent some DMA attacks.
|
||||
blacklist firewire-core
|
||||
blacklist thunderbolt
|
||||
install firewire-core /bin/true
|
||||
install thunderbolt /bin/true
|
||||
|
|
|
@ -3,3 +3,4 @@ install dccp /bin/true
|
|||
install sctp /bin/true
|
||||
install rds /bin/true
|
||||
install tipc /bin/true
|
||||
install n-hdlc /bin/true
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue