Split the security-misc into security-misc-shared, security-misc-desktop and security-misc-server: rename files

https://github.com/Kicksecure/security-misc/issues/187
2025-11-25 23:27:27 -05:00 · 2025-09-17 14:49:28 -04:00 · 2025-09-17 14:49:28 -04:00 · f70550d015
commit f70550d015
parent 2de10d5b7b
132 changed files with 35 additions and 0 deletions
--- a/etc/gitconfig#security-misc-shared
+++ b/etc/gitconfig#security-misc-shared
@ -0,0 +1,38 @@
+## Copyright (C) 2024 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
+## See the file COPYING for copying conditions.
+
+## Lines starting with a hash symbol ('#') are comments.
+## https://github.com/Kicksecure/security-misc/issues/225
+
+[core]
+## https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm
+	symlinks = false
+
+## https://forums.whonix.org/t/git-users-enable-fsck-by-default-for-better-security/2066
+[transfer]
+	fsckobjects = true
+[fetch]
+	fsckobjects = true
+[receive]
+	fsckobjects = true
+
+## Generally a good idea but too intrusive to enable by default.
+## Listed here as suggestions what users should put into their ~/.gitconfig
+## file.
+
+## Not enabled by default because it requires essential knowledge about OpenPG
+## and an already existing local signing key. Otherwise would prevent all new
+## commits.
+#[commit]
+#	gpgsign = true
+
+## Not enabled by default because it would break the 'git merge' command for
+## unsigned commits and require the '--no-verify-signature' command line
+## option.
+#[merge]
+#	verifySignatures = true
+
+## Not enabled by default because it would break for users who are not having
+## an account at the git server and having added a SSH public key.
+#[url "ssh://git@github.com/"]
+#	insteadOf = https://github.com/