Commit Graph

140 Commits

Author SHA1 Message Date
Patrick Schleizer
070bb46a08
Merge remote-tracking branch 'raja/sysctl' 2024-07-17 08:02:45 -04:00
Patrick Schleizer
cf5f0edbb8
Merge remote-tracking branch 'raja/sysctl' 2024-07-17 07:59:35 -04:00
Raja Grewal
25fd532ce6
Update README.md relating to sysctl's 2024-07-17 21:56:40 +10:00
Raja Grewal
d1119c38b6
Apply changes from code review 2024-07-17 00:31:23 +10:00
Raja Grewal
8219a1e257
Update README.md relating to disabled miscellaneous modules 2024-07-15 21:02:10 +10:00
Raja Grewal
82c5a93f7c
Disable another GPS module 2024-07-15 20:53:07 +10:00
Raja Grewal
acd60e45d8
Add comment about enabling core dump files 2024-07-14 20:07:31 +10:00
Raja Grewal
5cf9afc215
Include optional sysctl's in README.md 2024-07-14 17:05:49 +10:00
Raja Grewal
9f58266546
Move nf_conntrack_helper disabling into separate file 2024-07-13 23:32:01 +10:00
Raja Grewal
8f2ec75f81
Clarify README.mmd relating to module disabling 2024-07-13 23:30:55 +10:00
Raja Grewal
2de3a79599
Refactor existing sysctl for clarity 2024-07-13 22:41:40 +10:00
Raja Grewal
5f10cc8bcf
Update README.md relating to modprobe 2024-07-12 16:22:10 +10:00
Raja Grewal
b02230a783
Split modprobe into blacklisted and disabled configurations 2024-07-12 02:42:37 +10:00
Patrick Schleizer
c815304026
readme 2024-06-01 14:12:57 -04:00
raja-grewal
2f716050d1
Update README.md 2024-05-12 01:06:34 +00:00
Raja Grewal
dddac1dc40
Update README.md 2024-05-11 13:15:42 +10:00
Patrick Schleizer
0d78ecaee3
README 2024-01-16 09:26:21 -05:00
Patrick Schleizer
862bf6b5ab
Merge remote-tracking branch 'ben-grande/clean' 2024-01-16 08:19:28 -05:00
Patrick Schleizer
df0f9d3267
README 2024-01-06 09:19:57 -05:00
Patrick Schleizer
86f91e3030
revert umask 027 by default
because broken because this also happens for root while it should not

https://github.com/Kicksecure/security-misc/issues/185
2024-01-06 09:11:54 -05:00
Ben Grande
abf72c2ee4
Rename file permission hardening script
Hardener as the script is the agent that is hardening the file
permissions.
2024-01-02 13:34:29 +01:00
Patrick Schleizer
f64a869bfd
readme 2023-12-25 11:03:22 -05:00
Patrick Schleizer
0810c1ce3c
fix bluetooth in readme
fixes https://github.com/Kicksecure/security-misc/issues/180
2023-12-25 09:10:31 -05:00
Patrick Schleizer
37b4ab15a8
readme 2023-12-25 09:04:10 -05:00
Patrick Schleizer
79f398d219
formatting 2023-12-25 08:45:20 -05:00
Patrick Schleizer
c90ada3c39
pandoc -f markdown -t markdown --wrap=auto --columns=80 README.md -o README.md 2023-12-25 08:37:23 -05:00
Patrick Schleizer
34bf297bd1
formatting 2023-12-25 08:32:34 -05:00
Patrick Schleizer
d5fc9f6201
improve bluetooth in readme
as suggested by @monsieuremre

https://github.com/Kicksecure/security-misc/issues/180
2023-12-25 08:26:03 -05:00
Patrick Schleizer
5a73817a95
move to /usr/lib/issue.d/20_security-misc.issue
https://github.com/Kicksecure/security-misc/pull/167
2023-12-04 11:38:49 -05:00
Patrick Schleizer
c4e21ca5f4
added development philosophy
https://github.com/Kicksecure/security-misc/issues/154
2023-12-04 10:58:16 -05:00
Patrick Schleizer
feab1432f9
clarify scope
https://github.com/Kicksecure/security-misc/issues/154
2023-12-04 10:48:27 -05:00
Patrick Schleizer
2de5ab4120
clarify scope of application specific hardening
fixes https://github.com/Kicksecure/security-misc/issues/154
2023-11-06 13:47:30 -05:00
Patrick Schleizer
ad079ac5cc
readme
https://github.com/Kicksecure/security-misc/pull/152
2023-11-05 20:55:55 -05:00
Patrick Schleizer
be023c7722
readme
https://github.com/Kicksecure/security-misc/issues/159
2023-11-05 20:54:43 -05:00
Patrick Schleizer
42be631023
readme 2023-11-05 14:54:05 -05:00
Patrick Schleizer
93437952b4
readme 2023-11-05 14:41:01 -05:00
monsieuremre
fbd9e5d017
README.md 2023-11-04 14:33:35 +00:00
Patrick Schleizer
97054b2b10
revert enabling kernel module signature enforcement
due to issues

https://forums.whonix.org/t/enforce-kernel-module-software-signature-verification-module-signing-disallow-kernel-module-loading-by-default/7880/63

https://github.com/dell/dkms/issues/359
2023-11-03 15:55:17 -04:00
Patrick Schleizer
978e3e4abd
readme 2023-11-03 14:53:40 -04:00
Patrick Schleizer
c33a3d9aad
readme 2023-11-03 10:44:48 -04:00
Raja Grewal
cf003dfad8
Update comments 2023-05-16 02:11:44 +10:00
Jeremy Rand
9d23717b6d
README: Document mmap-rnd-bits 2023-05-08 13:45:18 +00:00
Patrick Schleizer
6faa050dd8
migrate ram-wipe to dedicated package 2023-01-09 06:54:04 -05:00
Raja Grewal
d500205f55
Update README.md 2022-08-21 23:03:13 +10:00
Raja Grewal
c4a1094760
Merge branch 'Kicksecure:master' into harden 2022-07-18 13:36:23 +00:00
Raja Grewal
2b237039cf
Update README.md 2022-07-13 22:25:53 +10:00
Raja Grewal
fe0cc10890
Updated README.md 2022-07-12 17:18:47 +10:00
Patrick Schleizer
26b2c9727f
not blacklist CD-ROM / DVD yet
https://forums.whonix.org/t/blacklist-more-kernel-modules-to-reduce-attack-surface/7989/31
2022-07-07 15:39:40 -04:00
Patrick Schleizer
d5c1650341
shuffle 2022-07-07 15:28:09 -04:00
raja-grewal
28381e81d4
Update README.md 2022-07-07 09:28:30 +00:00