security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-27 12:09:22 -05:00

Author	SHA1	Message	Date
Patrick Schleizer	0ae5c5ff14	remove umask changes since these are causing issues are are not needed anymore thanks to home folder permission lockdown https://forums.whonix.org/t/change-default-umask/7416/45	2019-08-24 12:14:22 -04:00
Patrick Schleizer	41c4682280	bumped changelog version	2019-08-23 16:57:12 +00:00
Patrick Schleizer	e77260fd9c	readme	2019-08-23 16:53:55 +00:00
Patrick Schleizer	793c9b6801	Merge remote-tracking branch 'origin/master'	2019-08-19 12:48:23 +00:00
Patrick Schleizer	a74b983283	remove LLC - IEEE 802.2 from blacklist since required by KVM https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107 https://forums.whonix.org/t/blacklist-uncommon-network-protocols/7391/22 https://github.com/Whonix/security-misc/pull/29	2019-08-19 12:46:59 +00:00
Patrick Schleizer	44d62e05b5	Merge pull request #29 from onions-knight/patch-1 Update uncommon-network-protocols.conf	2019-08-19 12:45:52 +00:00
onions-knight	a8b6281119	Update uncommon-network-protocols.conf Removing llc from blacklisted network protocols as it is needed by KVM for networking. See https://hub.packtpub.com/kvm-networking-libvirt/ and https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107	2019-08-19 11:30:57 +00:00
Patrick Schleizer	0140df8668	virusforget	2019-08-19 08:43:28 +00:00
Patrick Schleizer	113ab42568	virusforget	2019-08-19 08:31:23 +00:00
Patrick Schleizer	416906d4f9	virusforget	2019-08-19 08:19:35 +00:00
Patrick Schleizer	2d867d9fee	virusforget	2019-08-19 08:10:18 +00:00
Patrick Schleizer	8e76e6b8b3	fix	2019-08-19 07:48:12 +00:00
Patrick Schleizer	3f068f77fe	keep cache folder outside of reach of user since even user can remove files owned by root in its home folder	2019-08-19 07:47:20 +00:00
Patrick Schleizer	1fa1efa58e	credits	2019-08-19 07:22:09 +00:00
Patrick Schleizer	1e026a3ebb	initial development version of VirusForget	2019-08-18 22:50:44 +00:00
Patrick Schleizer	e15b560305	bumped changelog version	2019-08-17 10:54:08 +00:00
Patrick Schleizer	c897682794	readme	2019-08-17 10:53:45 +00:00
Patrick Schleizer	e535232728	description	2019-08-17 10:37:49 +00:00
Patrick Schleizer	7ffdd7c240	description	2019-08-17 10:37:42 +00:00
Patrick Schleizer	207399439f	description	2019-08-17 10:37:36 +00:00
Patrick Schleizer	d4fb485e70	description	2019-08-17 10:35:31 +00:00
Patrick Schleizer	41b2819ec8	PAM: abort on locked password to avoid needlessly bumping pam_tally2 counter https://forums.whonix.org/t/restrict-root-access/7658/1	2019-08-17 10:33:47 +00:00
Patrick Schleizer	e0e25364e2	bumped changelog version	2019-08-17 09:57:48 +00:00
Patrick Schleizer	cfd18d4486	readme	2019-08-17 09:56:29 +00:00
Patrick Schleizer	ed90d8b025	change default umask to 027 as per: https://forums.whonix.org/t/change-default-umask/7416/47	2019-08-17 09:55:20 +00:00
Patrick Schleizer	b9127faac3	bumped changelog version	2019-08-16 16:05:51 +00:00
Patrick Schleizer	e004a5e0cf	readme	2019-08-16 16:05:25 +00:00
Patrick Schleizer	f9e3825e91	fix lintian warning	2019-08-16 16:05:09 +00:00
Patrick Schleizer	ec99720811	bumped changelog version	2019-08-16 15:59:14 +00:00
Patrick Schleizer	6a68c3bd9c	readme	2019-08-16 15:57:30 +00:00
Patrick Schleizer	224f95799c	sudo default umask 006 https://forums.whonix.org/t/change-default-umask/7416/43	2019-08-16 11:15:25 -04:00
Patrick Schleizer	17cfcb63b6	code simplification; report locked account earlier	2019-08-16 10:50:56 -04:00
Patrick Schleizer	5754671c46	Merge remote-tracking branch 'origin/master'	2019-08-16 10:36:43 -04:00
Patrick Schleizer	9781598632	Merge pull request #27 from madaidan/patch-21 Blacklist bluetooth	2019-08-16 14:36:00 +00:00
Patrick Schleizer	85502ad430	Merge branch 'master' into patch-21	2019-08-16 14:35:51 +00:00
Patrick Schleizer	34672b88a8	bumped changelog version	2019-08-15 15:18:02 +00:00
Patrick Schleizer	a11e3cea9e	readme	2019-08-15 15:08:48 +00:00
Patrick Schleizer	ff9bc1d7ea	informational output during PAM: * Show failed and remaining password attempts. * Document unlock procedure if Linux user account got locked. * Point out, that there is no password feedback for `su`. * Explain locked (root) account if locked. * /usr/share/pam-configs/tally2-security-misc * /usr/lib/security-misc/pam_tally2-info	2019-08-15 13:37:28 +00:00
Patrick Schleizer	454e135822	pam_tally2.so even_deny_root	2019-08-15 07:33:41 +00:00
Patrick Schleizer	63b476221c	use requisite rather than required to avoid asking for password needlessly if login will fail anyhow	2019-08-15 07:30:56 +00:00
Patrick Schleizer	ce4a30d3ce	bumped changelog version	2019-08-14 11:52:26 +00:00
Patrick Schleizer	a7c25a451c	remove unneeded dependency on libpam-cgfs	2019-08-14 11:50:53 +00:00
Patrick Schleizer	633854c6be	bumped changelog version	2019-08-14 11:13:25 +00:00
Patrick Schleizer	0feb54b28e	add Depends: apparmor-profile-anondist to fix apparmor issue sudo[19806]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied sudo[18961]: pam_exec(sudo:session): /usr/lib/security-misc/permission-lockdown failed: exit code 13 kernel: audit: type=1400 audit(1565780860.972:224): apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=19806 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0	2019-08-14 11:10:18 +00:00
Patrick Schleizer	8fdc77fed5	output to stdout	2019-08-14 10:33:23 +00:00
Patrick Schleizer	5213cfbcdc	bumped changelog version	2019-08-14 10:08:18 +00:00
Patrick Schleizer	2875adb722	readme	2019-08-14 10:07:55 +00:00
Patrick Schleizer	01b3a0bfae	description	2019-08-14 09:52:53 +00:00
Patrick Schleizer	547ba91d79	sanity test	2019-08-14 09:45:30 +00:00
Patrick Schleizer	dee195d89e	description	2019-08-14 09:40:41 +00:00

1 2 3 4 5 ...

423 Commits