Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

Create hide-hardware-info

Browse Source
This commit is contained in:
madaidan 2019-10-03 20:45:14 +00:00 committed by GitHub
parent ddc778b452
commit 9449f5017a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
usr/lib/security-misc/hide-hardware-info Normal file
View File

@ -0,0 +1,21 @@
#!/bin/bash
## sysfs and debugfs expose a lot of information
## that should not be accessible by an unprivileged
## user which includes hardware info, debug info and
## more. This restricts /sys, /proc/cpuinfo, /proc/bus
## and /proc/scsi to the root user only. This hides
## many hardware identifiers from ordinary users
## and increases security.
for i in /proc/cpuinfo /proc/bus /proc/scsi /sys
do
if [ -e "${i}" ]; then
chmod og-rwx "${i}"
else
## /proc/scsi doesn't exist on Debian so errors
## are expected here.
if ! [ "${i}" = "/proc/scsi" ]; then
echo "ERROR: ${i} could not be found."
fi
fi
done