Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-06-07 10:02:40 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update control

Browse source
This commit is contained in:
madaidan 2019-06-28 11:34:35 +00:00 committed by GitHub
parent b26d861dff
commit 9e9c854d27
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
debian/control vendored
View file

@ -97,13 +97,13 @@ Description: enhances misc security settings
. .
DCCP, SCTP, TIPC and RDS are blacklisted as they are rarely used and may have DCCP, SCTP, TIPC and RDS are blacklisted as they are rarely used and may have
unknown vulnerabilities. unknown vulnerabilities.
.
The kernel logs are restricted to root only. The kernel logs are restricted to root only.
.
A systemd service clears System.map on boot as these contain kernel symbols that could be useful to an attacker. A systemd service clears System.map on boot as these contain kernel symbols that could be useful to an attacker.
.
The SysRq key is restricted to only allow shutdowns/reboots. The SysRq key is restricted to only allow shutdowns/reboots.
.
The thunderbolt and firewire modules are blacklisted as they can be used for DMA (Direct Memory Access) attacks. The thunderbolt and firewire modules are blacklisted as they can be used for DMA (Direct Memory Access) attacks.
.
IOMMU is enabled with a boot parameter to prevent DMA attacks. IOMMU is enabled with a boot parameter to prevent DMA attacks.