Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-26 15:39:31 -05:00
Code Issues Packages Projects Releases Wiki Activity

Update control

Browse Source
This commit is contained in:
madaidan 2019-10-03 20:50:48 +00:00 committed by GitHub
parent ce97e5ed82
commit ec5fcf813b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
debian/control vendored
View File

@ -84,6 +84,13 @@ Description: enhances misc security settings
* Bluetooth is blacklisted to reduce attack surface. Bluetooth also has
a history of security concerns.
https://en.wikipedia.org/wiki/Bluetooth#History_of_security_concerns
.
* A systemd service restricts /proc/cpuinfo, /proc/bus, /proc/scsi and
/sys to the root user only. This hides a lot of hardware identifiers from
unprivileged users and increases security as /sys exposes a lot of information
that shouldn't be accessible to unprivileged users. As this will break many
things, it is disabled by default and can optionally be enabled by running
`systemctl enable hide-hardware-info.service` as root.
.
Uncommon network protocols are blacklisted:
These are rarely used and may have unknown vulnerabilities.