From ec5fcf813b80347e5d8aa55dbd5d77860e62ccc6 Mon Sep 17 00:00:00 2001 From: madaidan <50278627+madaidan@users.noreply.github.com> Date: Thu, 3 Oct 2019 20:50:48 +0000 Subject: [PATCH] Update control --- debian/control | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/control b/debian/control index b604cb1..461f477 100644 --- a/debian/control +++ b/debian/control @@ -84,6 +84,13 @@ Description: enhances misc security settings * Bluetooth is blacklisted to reduce attack surface. Bluetooth also has a history of security concerns. https://en.wikipedia.org/wiki/Bluetooth#History_of_security_concerns + . + * A systemd service restricts /proc/cpuinfo, /proc/bus, /proc/scsi and + /sys to the root user only. This hides a lot of hardware identifiers from + unprivileged users and increases security as /sys exposes a lot of information + that shouldn't be accessible to unprivileged users. As this will break many + things, it is disabled by default and can optionally be enabled by running + `systemctl enable hide-hardware-info.service` as root. . Uncommon network protocols are blacklisted: These are rarely used and may have unknown vulnerabilities.
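Review bot: In the bullet added to the debian/control description, "As this will break many things" does not say what breaks, so a user cannot judge whether enabling the service is safe on their system. Name the known breakage, or point to where it is documented, and state how to undo it with `systemctl disable hide-hardware-info.service`. The text says /proc/cpuinfo, /proc/bus, /proc/scsi and /sys are restricted "to the root user only" but not by what mechanism, which matters to anyone auditing the change. `systemctl enable` on its own does not start the unit, so the description should say whether a reboot is expected or whether `systemctl enable --now` is intended. This diff touches only debian/control, so please confirm the hide-hardware-info.service unit ships in the same package. The subject "Update control" would also be easier to find in the log if it named the service being documented.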