security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2026-01-09 07:41:02 -05:00

Author	SHA1	Message	Date
Aaron Rainbolt	17ab1bb00f	Documentation fix	2025-11-29 20:44:30 -06:00
Aaron Rainbolt	2b2d30afce	Merge remote-tracking branch 'raja/limit_full_force' into arraybolt3/trixie	2025-11-29 20:23:09 -06:00
Aaron Rainbolt	b73a830b0f	Merge remote-tracking branch 'raja/kpti' into arraybolt3/trixie	2025-11-29 19:59:35 -06:00
Aaron Rainbolt	e54cb007f9	Merge remote-tracking branch 'raja/limit_bdev_writes' into arraybolt3/trixie	2025-11-29 19:54:10 -06:00
raja-grewal	62dc2d4483	Add note about Intel TME	2025-11-18 20:31:46 +11:00
raja-grewal	99e993b885	Provide options to enable AMD SME and SEV	2025-11-15 03:16:07 +00:00
raja-grewal	e43d4d7f71	Set `bdev_allow_write_mounted=0`	2025-11-03 05:46:07 +00:00
raja-grewal	53d90b1128	Update docs on `ssbd=force-on`	2025-11-03 04:32:49 +00:00
raja-grewal	322584db33	Update docs on `pti=on`	2025-11-03 04:31:59 +00:00
raja-grewal	5e87c9bea4	Set `kpti=1`	2025-11-03 04:30:58 +00:00
raja-grewal	3fdfebc464	Set `proc_mem.force_override=ptrace`	2025-11-03 00:48:49 +00:00
Patrick Schleizer	5121f80f28	comment	2025-11-02 06:00:24 -05:00
Patrick Schleizer	29685938bd	move usbguard reject rules to the top	2025-11-02 05:57:52 -05:00
Patrick Schleizer	f555c48c51	fix USBGuard-notifier `accept` / `reject` buttons https://forums.kicksecure.com/t/usbguard-what-should-we-allow-or-disallow-by-default/1248/49	2025-10-19 04:42:24 -04:00
Aaron Rainbolt	70fbbc230c	Set USBGuard settings to permit USB hubs and Qubes USB passthrough	2025-10-17 15:49:42 -05:00
Aaron Rainbolt	4f63af4200	Allow listing USB devices via usbguard	2025-10-15 17:53:26 -05:00
Patrick Schleizer	28a88c7091	comment	2025-10-10 06:52:13 -04:00
raja-grewal	e89c7ae025	Update docs on `slab_debug` for future improvements	2025-10-08 02:39:20 +00:00
Aaron Rainbolt	7e016b5632	Allow users in the qubes group to access USBGuard IPC	2025-09-28 14:11:59 -05:00
Aaron Rainbolt	2a39d5997c	security-misc split string changes	2025-09-21 16:06:11 -05:00
Patrick Schleizer	068750543a	update link	2025-09-19 11:59:22 -04:00
Patrick Schleizer	f70550d015	Split the `security-misc` into `security-misc-shared`, `security-misc-desktop` and `security-misc-server`: rename files https://github.com/Kicksecure/security-misc/issues/187	2025-09-17 14:49:28 -04:00
Patrick Schleizer	24424bcbc0	Merge pull request #318 from raja-grewal/vmscape Enable `vmscape=force`	2025-09-17 13:31:27 -04:00
Patrick Schleizer	2d3b4ee124	Merge pull request #317 from raja-grewal/srso_docs Update SRSO docs	2025-09-17 13:27:13 -04:00
raja-grewal	21c605e27e	Enable `vmscape=force`	2025-09-13 03:41:59 +00:00
Aaron Rainbolt	90b6486ffe	Allow users in the sudo group to use usbguard-notifier	2025-09-12 18:08:00 -05:00
raja-grewal	7b32e9339e	Update SRSO docs	2025-09-12 23:10:34 +10:00
Aaron Rainbolt	2319bd9164	Allow USB devices that are connected at USBGuard start time	2025-08-28 17:34:41 -05:00
Aaron Rainbolt	85fd8ea52b	Enable USB video and audio devices, reject USB RNDIS devices	2025-08-28 16:42:16 -05:00
Aaron Rainbolt	b95598b6f7	Disable RNDIS due to unfixable security issues	2025-08-28 16:18:14 -05:00
Aaron Rainbolt	893faa9822	Remove initramfs-tools support	2025-08-23 22:53:13 -05:00
Aaron Rainbolt	53e930b4cc	Merge branch 'master' into arraybolt3/trixie	2025-08-21 20:09:48 -05:00
Aaron Rainbolt	df8a323d03	Fix XDG handling, replace Xfce with LXQt where appropriate, make USBGuard configuration work	2025-08-21 18:39:28 -05:00
Patrick Schleizer	8cdbbf8292	Merge pull request #313 from raja-grewal/panic_limits Upgrade `sysctl` settings and docs on kernel panics	2025-08-21 06:43:07 -04:00
Patrick Schleizer	2baf5cfc0b	Merge pull request #314 from raja-grewal/trixie_docs Update documentation	2025-08-21 06:42:28 -04:00
Patrick Schleizer	81d437fe3e	fix	2025-08-20 21:40:39 -04:00
raja-grewal	e48897cc44	Merge branch 'master' into panic_limits	2025-08-21 10:27:44 +10:00
Patrick Schleizer	c2d5bf38f5	comment	2025-08-20 10:44:10 -04:00
Patrick Schleizer	812f05f847	comments	2025-08-20 10:11:49 -04:00
raja-grewal	c0ad577793	Update docs on oops boot parameter	2025-08-19 11:01:06 +10:00
raja-grewal	45fcd163d1	Add reference on conntrack helpers	2025-08-18 20:23:50 +10:00
Aaron Rainbolt	37c0bc0c5d	Merge remote-tracking branch 'raja/block_32bit' into arraybolt3/trixie	2025-08-17 14:02:01 -05:00
Aaron Rainbolt	210aa97650	Merge remote-tracking branch 'raja/trixie_docs' into arraybolt3/trixie	2025-08-17 13:50:25 -05:00
raja-grewal	f175d1961e	Enable `ia32_emulation=0`	2025-08-17 07:08:08 +00:00
raja-grewal	e06b78a522	Temporarily revert IA32 doc updates	2025-08-17 07:05:32 +00:00
Aaron Rainbolt	7a8dfa528c	Merge remote-tracking branch 'raja/trixie_docs' into arraybolt3/trixie	2025-08-16 21:10:19 -05:00
raja-grewal	1f75426f07	Clarify docs for disabling 32-bit x86 support	2025-08-16 02:20:00 +00:00
Aaron Rainbolt	cba16879ef	Polish USBGuard configuration	2025-08-15 17:16:42 -05:00
Aaron Rainbolt	b4086b8e77	Merge remote-tracking branch 'monsieuremre/patch-3' into arraybolt3/trixie	2025-08-15 16:57:34 -05:00
Aaron Rainbolt	66ec5bda58	Remove obsolete Thunderbird configuration hardening	2025-08-15 16:51:07 -05:00

1 2 3 4 5 ...

645 commits