Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #64 from madaidan/extra_latent_entropy

Browse Source 
Gather more entropy during boot
This commit is contained in:
Patrick Schleizer 2020-02-17 08:16:34 +00:00 committed by GitHub
commit c7f2537930
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
debian/control vendored
View File

@ -136,6 +136,8 @@ Description: enhances misc security settings
* https://twitter.com/pid_eins/status/1149649806056280069
* For more references, see:
* /etc/default/grub.d/40_distrust_cpu.cfg
.
* Gathers more entropy during boot if using the linux-hardened kernel patch.
.
Uncommon network protocols are blacklisted:
These are rarely used and may have unknown vulnerabilities.

6
etc/default/grub.d/40_kernel_hardening.cfg
View File

@ -53,3 +53,9 @@ fi
#if dpkg --compare-versions "${kver}" ge "5.4"; then
# GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX lockdown=confidentiality"
#fi
## Gather more entropy during boot.
##
## Requires linux-hardened kernel patch.
## https://github.com/anthraxx/linux-hardened
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX extra_latent_entropy"