Commit Graph

2303 Commits

Author SHA1 Message Date
Patrick Schleizer
cf5f0edbb8
Merge remote-tracking branch 'raja/sysctl' 2024-07-17 07:59:35 -04:00
Raja Grewal
25fd532ce6
Update README.md relating to sysctl's 2024-07-17 21:56:40 +10:00
Raja Grewal
39fd125eb0
Provide explanation on the disabling of IPv6 Privacy Extensions 2024-07-17 21:44:44 +10:00
Raja Grewal
a3408990ab
Uncomment disabling of already disabled ATM modules 2024-07-17 15:03:39 +10:00
Raja Grewal
693b47e623
Clarify ICMP redirect acceptance and sending 2024-07-17 14:58:30 +10:00
Raja Grewal
81a3715c7c
Add info regarding the downsides of disabling SMT 2024-07-17 13:32:08 +10:00
Raja Grewal
abafb1945c
Add Intel ME references 2024-07-17 13:26:03 +10:00
Raja Grewal
f317aaebab
Disable two network modules
These were previously blacklisted for two years in 61ef9bd59f.
2024-07-17 01:09:02 +10:00
Raja Grewal
d69fe88091
Provide option to disable uvcvideo driver 2024-07-17 01:08:01 +10:00
Raja Grewal
49594ccb22
Partially revert f4d652fa7b 2024-07-17 00:49:25 +10:00
Raja Grewal
824d9b82e5
Uncomment redundant disabling of TCP FACK` 2024-07-17 00:36:18 +10:00
Raja Grewal
d1119c38b6
Apply changes from code review 2024-07-17 00:31:23 +10:00
Patrick Schleizer
fe5c840b79
bumped changelog version 2024-07-15 21:18:55 +00:00
Patrick Schleizer
6e63fc8985
Merge remote-tracking branch 'ben-grande/fuzz' 2024-07-15 17:14:25 -04:00
Patrick Schleizer
fe0846c8c2
fix
https://github.com/Kicksecure/security-misc/pull/234#discussion_r1678065395
2024-07-15 12:30:38 -04:00
Patrick Schleizer
94df2e3d24
further discussion required
https://github.com/Kicksecure/security-misc/pull/234#issuecomment-2228909249
2024-07-15 12:29:52 -04:00
Patrick Schleizer
41f0b53dd6
Merge remote-tracking branch 'raja/kernel_modules' 2024-07-15 12:28:03 -04:00
Raja Grewal
73f6d4b26f
Fix transcription error 2024-07-16 01:03:41 +10:00
Raja Grewal
724435e56e
Disable some Intel Platform Monitoring Technology Telemetry (PMT) modules 2024-07-15 22:38:43 +10:00
Raja Grewal
61941da375
Create disabled-intelpmt-by-security-misc 2024-07-15 22:38:09 +10:00
Raja Grewal
22ba7a7c39
Disable more Intel Management Engine (ME) modules 2024-07-15 22:21:20 +10:00
Raja Grewal
9300c208e2
Fix script 2024-07-15 21:36:25 +10:00
Raja Grewal
f2db11269e
Fix script 2024-07-15 21:18:32 +10:00
Raja Grewal
382f1e9ec0
Fix error 2024-07-15 21:13:25 +10:00
Raja Grewal
a8bc1144c3
Updated wording of error files for disabled modules 2024-07-15 21:10:13 +10:00
Raja Grewal
fda3832eaf
Replace bash file presented for disabling of miscellaneous modules 2024-07-15 21:08:45 +10:00
Raja Grewal
8219a1e257
Update README.md relating to disabled miscellaneous modules 2024-07-15 21:02:10 +10:00
Raja Grewal
cb2fb95b81
Disable more miscellaneous drivers 2024-07-15 21:01:36 +10:00
Raja Grewal
c52b1a3fd2
Create disabled-miscellaneous-by-security-misc 2024-07-15 20:58:45 +10:00
Raja Grewal
96aa63267a
Disable more Thunderbolt modules 2024-07-15 20:57:14 +10:00
Raja Grewal
51f7776bc8
Disable more network protocols/drivers 2024-07-15 20:56:12 +10:00
Raja Grewal
9e40ff0551
Disable more network file systems 2024-07-15 20:54:18 +10:00
Raja Grewal
82c5a93f7c
Disable another GPS module 2024-07-15 20:53:07 +10:00
Raja Grewal
99b0ce7948
Disable more file systems 2024-07-15 20:47:56 +10:00
Raja Grewal
4476a477a7
Provide option to disable more Bluetooth modules 2024-07-15 20:47:07 +10:00
Raja Grewal
e0696d02a2
Update security-misc.maintscript
Due to previous splitting IN b02230a783.
2024-07-15 20:46:04 +10:00
Raja Grewal
b2657bc61f
Improve docs 2024-07-15 15:05:00 +10:00
Raja Grewal
1c2afc1f25
Update presentation of the kernel.printk sysctl 2024-07-15 15:01:48 +10:00
Raja Grewal
c8385d82fb
Clarify instructions for increasing log verbosity 2024-07-15 14:57:40 +10:00
Raja Grewal
d229e8b04d
Fix link 2024-07-15 14:50:29 +10:00
Raja Grewal
fbfdb0fa99
Update security-misc.maintscript relating to grub 2024-07-15 14:40:03 +10:00
Raja Grewal
f4d652fa7b
Update presentation of quiet loglevel=0 2024-07-15 14:39:12 +10:00
Raja Grewal
69c8e84927
Fix typos 2024-07-15 14:38:21 +10:00
Raja Grewal
48e1ac4163
Remove the optional slub_debug parameter since it is no longer recommended 2024-07-15 02:04:25 +10:00
Raja Grewal
99038c7a06
Add option to disable support for x86 processes and syscalls in the future 2024-07-15 02:02:01 +10:00
Raja Grewal
f550fbe07c
Add option to disable the entire IPv6 stack functionality 2024-07-15 01:59:04 +10:00
Raja Grewal
a33d4cd099
Refactor existing kernel parameters for clarity 2024-07-15 01:56:25 +10:00
Raja Grewal
acd60e45d8
Add comment about enabling core dump files 2024-07-14 20:07:31 +10:00
Raja Grewal
5cf9afc215
Include optional sysctl's in README.md 2024-07-14 17:05:49 +10:00
Raja Grewal
2b9e174c9d
Remove empty lines 2024-07-14 16:22:52 +10:00