security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00

Author	SHA1	Message	Date
Patrick Schleizer	470cad6e91	remount /home /tmp /dev/shm /run with nosuid,nodev (default) and noexec (opt-in) https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707	2019-12-06 05:14:02 -05:00
Patrick Schleizer	aa5451c8cd	Lock user accounts after 50 rather than 100 failed login attempts. https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698/19	2019-11-25 01:39:53 -05:00
Patrick Schleizer	fe1f1b73a7	load jitterentropy_rng kernel module for better entropy collection https://www.whonix.org/wiki/Dev/Entropy https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927972 https://forums.whonix.org/t/jitterentropy-rngd/7204	2019-11-23 11:20:32 +00:00
Patrick Schleizer	03e8023847	output	2019-11-22 14:11:30 -05:00
Patrick Schleizer	2e73c053b5	fix lintian warning	2019-11-09 12:55:00 +00:00
Patrick Schleizer	74293bcd2f	output	2019-11-05 01:59:25 -05:00
Patrick Schleizer	2b5b06b602	output	2019-11-05 01:59:19 -05:00
Patrick Schleizer	d6977becba	refactoring	2019-11-05 01:51:14 -05:00
Patrick Schleizer	daf0006795	comment	2019-11-05 01:50:27 -05:00
Patrick Schleizer	203d5cfa68	copyright	2019-10-31 11:19:44 -04:00
Patrick Schleizer	bce5274a15	quotes fix	2019-10-22 09:22:29 -04:00
Patrick Schleizer	e20b9e2133	better solution when using pkexec with --user: wrap sudo --user with lxqt-sudo	2019-10-22 09:08:18 -04:00
Patrick Schleizer	d4e02de43a	set SUDO_ASKPASS for pkexec wrapper when using sudo --askpass	2019-10-22 09:04:44 -04:00
Patrick Schleizer	1a65a91039	long rather than short option	2019-10-22 08:56:05 -04:00
Patrick Schleizer	b55913637b	silence output by mount/grep	2019-10-22 08:54:48 -04:00
Patrick Schleizer	a1154170c9	Call original pkexec in case there are no arguments.	2019-10-22 08:54:17 -04:00
Patrick Schleizer	1e4d0ea1d0	fix lintian warning	2019-10-21 09:55:05 +00:00
Patrick Schleizer	343d9cc916	fix	2019-10-21 09:53:55 +00:00
Patrick Schleizer	40707e70db	Redirect calls for pkexec to lxqt-sudo because pkexec is incompatible with hidepid. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860040 https://forums.whonix.org/t/cannot-use-pkexec/8129 Thanks to AnonymousUser for the bug report!	2019-10-21 05:46:49 -04:00
Patrick Schleizer	a5045dc26e	set -e	2019-10-17 06:18:32 -04:00
Patrick Schleizer	4aba027566	syntax check	2019-10-17 06:12:36 -04:00
Patrick Schleizer	8b9aa8841a	fix	2019-10-17 06:11:01 -04:00
Patrick Schleizer	cfbd77040a	set "shopt -s nullglob" to avoid failing when folder /etc/hide-hardware-info.d does not exist or is empty	2019-10-17 06:10:29 -04:00
Patrick Schleizer	b05663c5f6	shuffle https://forums.whonix.org/t/restrict-hardware-information-to-root/7329/80	2019-10-17 06:08:55 -04:00
Patrick Schleizer	28a440091d	code simplification	2019-10-17 06:08:16 -04:00
Patrick Schleizer	3c4e261c20	remove trailing spaces	2019-10-17 06:05:23 -04:00
Patrick Schleizer	8a42c5b023	Merge pull request #34 from madaidan/whitelist Add a whitelist for /sys and /proc/cpuinfo	2019-10-17 09:59:12 +00:00
madaidan	61f742304d	return 0	2019-10-16 19:46:59 +00:00
madaidan	ffba0e0179	Elaborate	2019-10-16 19:04:15 +00:00
madaidan	f08c03ab21	Restrict sysfs/cpuinfo if the whitelist is disabled	2019-10-16 15:39:23 +00:00
madaidan	6b78dbcd07	Add way to whitelist things	2019-10-15 20:57:02 +00:00
Patrick Schleizer	d2bc3a2a08	chmod +x usr/lib/security-misc/hide-hardware-info	2019-10-05 09:14:41 +00:00
madaidan	87917d2f03	Add licensing	2019-10-03 21:38:07 +00:00
madaidan	9449f5017a	Create hide-hardware-info	2019-10-03 20:45:14 +00:00
Patrick Schleizer	75258843e9	copyright	2019-09-16 13:03:43 +00:00
Patrick Schleizer	8e39cea876	comment	2019-09-16 13:03:25 +00:00
Patrick Schleizer	bac462f211	comment	2019-09-16 13:03:02 +00:00
Patrick Schleizer	bec680d4f3	pam_tally2-info: fix, do nothing when started as user "user" xscreensaver runs as user "user", therefore pam_tally2 cannot function. xscreensaver has its own failed login counter. as user "user" /sbin/pam_tally2 -u user pam_tally2: Error opening /var/log/tallylog for update: Permission denied /sbin/pam_tally2: Authentication error https://askubuntu.com/questions/983183/how-lock-the-unlock-screen-after-wrong-password-attempts https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698	2019-09-16 12:30:23 +00:00
Patrick Schleizer	0ae5c5ff14	remove umask changes since these are causing issues are are not needed anymore thanks to home folder permission lockdown https://forums.whonix.org/t/change-default-umask/7416/45	2019-08-24 12:14:22 -04:00
Patrick Schleizer	0140df8668	virusforget	2019-08-19 08:43:28 +00:00
Patrick Schleizer	113ab42568	virusforget	2019-08-19 08:31:23 +00:00
Patrick Schleizer	416906d4f9	virusforget	2019-08-19 08:19:35 +00:00
Patrick Schleizer	2d867d9fee	virusforget	2019-08-19 08:10:18 +00:00
Patrick Schleizer	8e76e6b8b3	fix	2019-08-19 07:48:12 +00:00
Patrick Schleizer	3f068f77fe	keep cache folder outside of reach of user since even user can remove files owned by root in its home folder	2019-08-19 07:47:20 +00:00
Patrick Schleizer	1fa1efa58e	credits	2019-08-19 07:22:09 +00:00
Patrick Schleizer	1e026a3ebb	initial development version of VirusForget	2019-08-18 22:50:44 +00:00
Patrick Schleizer	41b2819ec8	PAM: abort on locked password to avoid needlessly bumping pam_tally2 counter https://forums.whonix.org/t/restrict-root-access/7658/1	2019-08-17 10:33:47 +00:00
Patrick Schleizer	ed90d8b025	change default umask to 027 as per: https://forums.whonix.org/t/change-default-umask/7416/47	2019-08-17 09:55:20 +00:00
Patrick Schleizer	17cfcb63b6	code simplification; report locked account earlier	2019-08-16 10:50:56 -04:00

1 2 3

120 Commits