Disable two network modules

These were previously blacklisted for two years in 61ef9bd59f.
2025-02-06 06:05:19 -05:00 · 2024-07-17 01:09:02 +10:00 · 2024-07-17 01:09:02 +10:00 · f317aaebab
commit f317aaebab
parent d69fe88091
1 changed files with 4 additions and 2 deletions
--- a/etc/modprobe.d/30_security-misc_disable.conf
+++ b/etc/modprobe.d/30_security-misc_disable.conf
@ -113,10 +113,12 @@ install nfsv4 /usr/bin/disabled-netfilesys-by-security-misc

 ## Network Protocols:
 ## Disables rare and unneeded network protocols that are a common source of unknown vulnerabilities.
+## Previously had blacklisted eepro100 and eth1394.
 ##
 ## https://tails.boum.org/blueprint/blacklist_modules/
 ## https://fedoraproject.org/wiki/Security_Features_Matrix#Blacklist_Rare_Protocols
 ## https://git.launchpad.net/ubuntu/+source/kmod/tree/debian/modprobe.d/blacklist-rare-network.conf?h=ubuntu/disco
+## https://github.com/Kicksecure/security-misc/pull/234#issuecomment-2230732015
 ##
 install af_802154 /usr/bin/disabled-network-by-security-misc
 install appletalk /usr/bin/disabled-network-by-security-misc
@ -125,8 +127,8 @@ install ax25 /usr/bin/disabled-network-by-security-misc
 install decnet /usr/bin/disabled-network-by-security-misc
 install dccp /usr/bin/disabled-network-by-security-misc
 install econet /usr/bin/disabled-network-by-security-misc
-#install eepro100 /usr/bin/disabled-network-by-security-misc
-#install eth1394 /usr/bin/disabled-network-by-security-misc
+install eepro100 /usr/bin/disabled-network-by-security-misc
+install eth1394 /usr/bin/disabled-network-by-security-misc
 install ipx /usr/bin/disabled-network-by-security-misc
 install n-hdlc /usr/bin/disabled-network-by-security-misc
 install netrom /usr/bin/disabled-network-by-security-misc