Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

description

Browse Source
This commit is contained in:
Patrick Schleizer 2019-08-11 10:34:38 +00:00
parent c0b5c70de4
commit aacd9c7679
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
debian/control vendored
View File

@ -108,7 +108,7 @@ Description: enhances misc security settings
. .
* `su` is restricted to only users within the group `sudo` which prevents * `su` is restricted to only users within the group `sudo` which prevents
users from using `su` to gain root access or to switch user accounts. users from using `su` to gain root access or to switch user accounts.
/usr/share/pam-configs/security-misc /usr/share/pam-configs/wheel-security-misc
(Which results in a change in file `/etc/pam.d/common-auth`.) (Which results in a change in file `/etc/pam.d/common-auth`.)
. .
* Add user `root` to group `sudo`. This is required to make above work so * Add user `root` to group `sudo`. This is required to make above work so
@ -116,7 +116,7 @@ Description: enhances misc security settings
debian/security-misc.postinst debian/security-misc.postinst
. .
* Lock user accounts after 5 failed login attempts using pam_tally2. * Lock user accounts after 5 failed login attempts using pam_tally2.
/usr/share/pam-configs/security-misc /usr/share/pam-configs/tally2-security-misc
. .
* Logging into the root account from a virtual, serial, whatnot console is * Logging into the root account from a virtual, serial, whatnot console is
prevented by shipping an existing and empty /etc/securetty. prevented by shipping an existing and empty /etc/securetty.
@ -132,7 +132,7 @@ Description: enhances misc security settings
* Enables pam_umask.so usergroups so group permissions are same as user * Enables pam_umask.so usergroups so group permissions are same as user
permissions. Debian by default uses User Private Groups (UPG). permissions. Debian by default uses User Private Groups (UPG).
https://wiki.debian.org/UserPrivateGroups https://wiki.debian.org/UserPrivateGroups
/usr/share/pam-configs/usergroups /usr/share/pam-configs/usergroups-security-misc
. .
* Create home directory on login with umask 006 using * Create home directory on login with umask 006 using
pam_mkhomedir.so umask=006 pam_mkhomedir.so umask=006