security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-04-19 22:55:51 -04:00

Author	SHA1	Message	Date
Patrick Schleizer	9948ae114d	fix	2025-04-19 13:24:17 -04:00
Patrick Schleizer	4aca622706	fix	2025-04-19 13:23:26 -04:00
Patrick Schleizer	701f4a0e88	output	2025-04-19 13:20:04 -04:00
Patrick Schleizer	a670c0d873	comment	2025-04-19 13:18:23 -04:00
Patrick Schleizer	4799f3ce02	make `/usr/libexec/security-misc/apt-get-update` more reliable	2025-04-19 13:17:28 -04:00
Patrick Schleizer	c4f0e1d16f	refactoring	2025-04-19 12:57:14 -04:00
Patrick Schleizer	81634930fa	refactoring	2025-04-19 12:55:32 -04:00
Patrick Schleizer	90330a1ec9	refactoring	2025-04-19 12:49:18 -04:00
Patrick Schleizer	ce2c9a21a3	/usr/libexec/security-misc/apt-get-update: use `/run/helper-scripts` folder for pid file instead of `$TMP` to avoid permission issues	2025-04-19 12:48:19 -04:00
Patrick Schleizer	96ff7c8dc6	refactoring	2025-04-19 12:45:06 -04:00
Patrick Schleizer	5a37790e6b	cleanup	2025-04-19 12:43:15 -04:00
Patrick Schleizer	9f2836d2ba	Merge pull request #304 from raja-grewal/stop_pstore Disable PStore	2025-04-15 15:17:25 -04:00
Aaron Rainbolt	74ca63d12c	Mass-change "PERSISTENCE mode USERNAME" to "PERSISTENCE Mode - USERNAME Session"	2025-04-09 21:01:41 -05:00
Patrick Schleizer	39f4f5b607	comments	2025-04-08 06:53:08 -04:00
Patrick Schleizer	173606891a	output	2025-04-08 06:48:29 -04:00
raja-grewal	f643ebc2f9	Disable pstore processing by systemd-pstore service	2025-03-16 03:28:39 +00:00
raja-grewal	ce4b57d1cb	Update docs on kernel panics	2025-02-03 00:31:45 +00:00
Patrick Schleizer	9f5e522b83	LC_ALL=C	2025-01-30 07:53:04 -05:00
Patrick Schleizer	7c150d116d	LANG=C str_replace: no longer requires LANG=C, therefore removed	2025-01-30 07:45:08 -05:00
Patrick Schleizer	d5ad29a732	add /usr/lib/polkit-1/polkit-agent-helper-1 to permission hardener hardcoded statoverride file	2025-01-22 09:04:44 -05:00
Patrick Schleizer	80bd314436	add `.whonix` files to hardcoded files	2025-01-22 08:25:14 -05:00
Aaron Rainbolt	42f34f5a4c	Don't handle files with multiple hardlinks	2025-01-21 21:49:03 -06:00
Aaron Rainbolt	5e60416c86	Make permission-hardener always apply changes to real files, not symlinks	2025-01-21 21:05:03 -06:00
Aaron Rainbolt	ed767e00b0	Add some local variable declarations	2025-01-21 16:41:30 -06:00
Aaron Rainbolt	a97620a2e4	Add print-diagnostics command to permission-hardener	2025-01-20 22:43:55 -06:00
Patrick Schleizer	df9d058ed9	usrmerge	2025-01-20 06:28:16 -05:00
Patrick Schleizer	4e0d5a196c	delete comment only configuration file (moved to user-sysmaint-split)	2025-01-20 04:30:26 -05:00
Patrick Schleizer	1b4d1edfc3	comments	2025-01-20 04:29:42 -05:00
Aaron Rainbolt	328f747179	Restore permission-hardener's notice about how to compare old and new states	2025-01-14 20:35:28 -06:00
Aaron Rainbolt	c6f09748f3	Handle de-corruption of new_mode a bit better	2025-01-14 20:27:53 -06:00
Aaron Rainbolt	a0f81958df	De-corrupt the new_mode permission-hardener statoverride database too	2025-01-14 19:25:15 -06:00
Patrick Schleizer	eec2e2c8ee	comment	2025-01-14 04:13:39 -05:00
Patrick Schleizer	6d282226ef	comment	2025-01-14 04:12:12 -05:00
Patrick Schleizer	466308e4f9	permission hardener: disable SUID for `chrome-sandbox`	2025-01-14 04:09:57 -05:00
Patrick Schleizer	7a5f8b87af	permission hardener: disable SUID for `ssh-agent`, `ssh-keysign`, `/lib/openssh/*` This might break SSH host-based authentication.	2025-01-14 04:06:44 -05:00
Patrick Schleizer	d89ffcde30	comment	2025-01-14 04:04:09 -05:00
Patrick Schleizer	9f1759ba0e	comment	2025-01-14 03:56:55 -05:00
Patrick Schleizer	0ac85ea9f5	comment	2025-01-14 03:54:35 -05:00
Patrick Schleizer	fce6a5f830	comment	2025-01-14 03:51:43 -05:00
Patrick Schleizer	1e99404813	comment	2025-01-14 03:50:16 -05:00
Patrick Schleizer	b198591537	comment	2025-01-14 03:49:42 -05:00
Patrick Schleizer	7d44db2cb2	usrmerge	2025-01-14 03:49:15 -05:00
Aaron Rainbolt	de9ebabd46	Fix minor migration bugs, don't run the migration code on new image builds	2025-01-13 22:16:02 -06:00
Patrick Schleizer	1b33e83529	Merge pull request #291 from raja-grewal/drop_gratuitous_arp Drop gratuitous ARP packets	2025-01-10 10:29:30 -05:00
Patrick Schleizer	486757bfae	Merge pull request #290 from raja-grewal/arp_ignore Respond to ARP requests only if the target IP address is on-link	2025-01-10 10:29:12 -05:00
Patrick Schleizer	17ff249150	Merge pull request #289 from raja-grewal/arp_filter Enable ARP filtering	2025-01-10 10:28:48 -05:00
Patrick Schleizer	27d19ba568	Merge pull request #288 from raja-grewal/shared_media Deny sending and receiving shared media redirects	2025-01-10 10:28:05 -05:00
Patrick Schleizer	482960d056	permission-hardener: move to new state folder `/var/lib/permission-hardener-v2` without migration https://github.com/Kicksecure/security-misc/pull/294	2025-01-10 10:21:12 -05:00
Patrick Schleizer	3a31cc99b3	Merge remote-tracking branch 'ArrayBolt3/arraybolt3/usrmerge'	2025-01-09 09:30:58 -05:00
raja-grewal	1f8eee4720	Add missing sentence full stop	2025-01-08 18:36:00 +11:00

1 2 3 4 5 ...

975 Commits