Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-12 14:39:31 -05:00
Code Issues Packages Projects Releases Wiki Activity

comments

Browse Source
This commit is contained in:
Patrick Schleizer 2019-12-23 09:39:50 -05:00
parent 7a80837b4f
commit 9d77d88a4d
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
etc/permission-hardening.d/30_default.conf
View File

@ -113,3 +113,15 @@ dbus-daemon-launch-helper matchwhitelist
/usr/local/lib/ nosuid
/usr/local/lib32/ nosuid
/usr/local/lib64/ nosuid
######################################################################
# Capability Removal
######################################################################
## Ping doesn't work with Tor anyway so its capabilities are removed to
## reduce attack surface.
## anon-apps-config does this.
#/bin/ping 0744 root root none
## TODO: research
#/usr/lib/x86_64-linux-gnu/gstreamer1.0/grstreamer-1.0/gst-ptp-helper 0744 root root none