Patrick Schleizer
3d187dab99
bumped changelog version
2019-09-12 12:50:42 +00:00
Patrick Schleizer
f13a73e569
undo SysRq restrictions
...
https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079
2019-09-10 12:35:42 -04:00
Patrick Schleizer
1f75a10650
bumped changelog version
2019-09-09 12:10:24 +00:00
Patrick Schleizer
9d875d7c31
bumped changelog version
2019-09-07 06:11:32 +00:00
Patrick Schleizer
8132052ce0
run update-grub from postinst so /etc/default/grub.d changes take effect
2019-09-07 05:44:23 +00:00
Patrick Schleizer
661bcd8603
allow loading unsigned modules due to issues
...
https://forums.whonix.org/t/allow-loading-signed-kernel-modules-by-default-disallow-kernel-module-loading-by-default/7880/23
2019-09-07 05:39:56 +00:00
Patrick Schleizer
9ee9309f54
bumped changelog version
2019-09-06 13:04:57 +00:00
Patrick Schleizer
ea0779e42a
rm_conffile /etc/sudoers.d/umask-security-misc
2019-09-06 13:00:20 +00:00
Patrick Schleizer
3a9939dccb
bumped changelog version
2019-09-06 11:47:40 +00:00
Patrick Schleizer
5960c1682a
description
2019-09-06 11:46:22 +00:00
Patrick Schleizer
fccfacfdaf
description
2019-09-06 11:45:54 +00:00
Patrick Schleizer
610d3488e9
bumped changelog version
2019-09-06 09:33:06 +00:00
Patrick Schleizer
0e20e33d16
description
2019-09-05 02:31:57 -04:00
Patrick Schleizer
0b3dcef13d
description
2019-09-05 02:30:40 -04:00
Patrick Schleizer
f2e5883b4c
description
2019-09-05 02:29:48 -04:00
Patrick Schleizer
a4913ae092
description
2019-09-05 02:28:43 -04:00
Patrick Schleizer
a2aeb401a2
bumped changelog version
2019-08-31 13:44:37 +00:00
Patrick Schleizer
3a5bdddf5c
depend on adduser
2019-08-31 08:43:46 -04:00
Patrick Schleizer
8bbebf64cf
bumped changelog version
2019-08-24 16:41:27 +00:00
Patrick Schleizer
0ae5c5ff14
remove umask changes since these are causing issues are are not needed anymore
...
thanks to home folder permission lockdown
https://forums.whonix.org/t/change-default-umask/7416/45
2019-08-24 12:14:22 -04:00
Patrick Schleizer
41c4682280
bumped changelog version
2019-08-23 16:57:12 +00:00
Patrick Schleizer
a74b983283
remove LLC - IEEE 802.2 from blacklist
...
since required by KVM
https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107
https://forums.whonix.org/t/blacklist-uncommon-network-protocols/7391/22
https://github.com/Whonix/security-misc/pull/29
2019-08-19 12:46:59 +00:00
Patrick Schleizer
e15b560305
bumped changelog version
2019-08-17 10:54:08 +00:00
Patrick Schleizer
e535232728
description
2019-08-17 10:37:49 +00:00
Patrick Schleizer
7ffdd7c240
description
2019-08-17 10:37:42 +00:00
Patrick Schleizer
207399439f
description
2019-08-17 10:37:36 +00:00
Patrick Schleizer
d4fb485e70
description
2019-08-17 10:35:31 +00:00
Patrick Schleizer
e0e25364e2
bumped changelog version
2019-08-17 09:57:48 +00:00
Patrick Schleizer
ed90d8b025
change default umask to 027
...
as per:
https://forums.whonix.org/t/change-default-umask/7416/47
2019-08-17 09:55:20 +00:00
Patrick Schleizer
b9127faac3
bumped changelog version
2019-08-16 16:05:51 +00:00
Patrick Schleizer
f9e3825e91
fix lintian warning
2019-08-16 16:05:09 +00:00
Patrick Schleizer
ec99720811
bumped changelog version
2019-08-16 15:59:14 +00:00
Patrick Schleizer
224f95799c
sudo default umask 006
...
https://forums.whonix.org/t/change-default-umask/7416/43
2019-08-16 11:15:25 -04:00
Patrick Schleizer
85502ad430
Merge branch 'master' into patch-21
2019-08-16 14:35:51 +00:00
Patrick Schleizer
34672b88a8
bumped changelog version
2019-08-15 15:18:02 +00:00
Patrick Schleizer
ff9bc1d7ea
informational output during PAM:
...
* Show failed and remaining password attempts.
* Document unlock procedure if Linux user account got locked.
* Point out, that there is no password feedback for `su`.
* Explain locked (root) account if locked.
* /usr/share/pam-configs/tally2-security-misc
* /usr/lib/security-misc/pam_tally2-info
2019-08-15 13:37:28 +00:00
Patrick Schleizer
ce4a30d3ce
bumped changelog version
2019-08-14 11:52:26 +00:00
Patrick Schleizer
a7c25a451c
remove unneeded dependency on libpam-cgfs
2019-08-14 11:50:53 +00:00
Patrick Schleizer
633854c6be
bumped changelog version
2019-08-14 11:13:25 +00:00
Patrick Schleizer
0feb54b28e
add Depends: apparmor-profile-anondist to fix apparmor issue
...
sudo[19806]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied
sudo[18961]: pam_exec(sudo:session): /usr/lib/security-misc/permission-lockdown failed: exit code 13
kernel: audit: type=1400 audit(1565780860.972:224): apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=19806 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
2019-08-14 11:10:18 +00:00
Patrick Schleizer
5213cfbcdc
bumped changelog version
2019-08-14 10:08:18 +00:00
Patrick Schleizer
01b3a0bfae
description
2019-08-14 09:52:53 +00:00
Patrick Schleizer
dee195d89e
description
2019-08-14 09:40:41 +00:00
Patrick Schleizer
21489111d1
run permission lockdown during pam
...
https://forums.whonix.org/t/change-default-umask/7416
2019-08-14 08:34:03 +00:00
Patrick Schleizer
42f2d5f666
description
2019-08-14 07:39:28 +00:00
Patrick Schleizer
f210294f40
description
2019-08-14 07:24:24 +00:00
Patrick Schleizer
f1d8cbc9fb
bumped changelog version
2019-08-14 07:02:09 +00:00
Patrick Schleizer
a82448d46a
description
2019-08-14 07:01:25 +00:00
Patrick Schleizer
6f8acf06d7
bumped changelog version
2019-08-11 12:07:07 +00:00
Patrick Schleizer
aacd9c7679
description
2019-08-11 10:34:38 +00:00
Patrick Schleizer
c0b5c70de4
description
2019-08-11 10:33:22 +00:00
Patrick Schleizer
75769151cd
bumped changelog version
2019-08-10 11:37:02 +00:00
Patrick Schleizer
a703865dcf
bumped changelog version
2019-08-01 12:02:41 +00:00
Patrick Schleizer
5d0aec1321
bumped changelog version
2019-07-31 19:12:27 +00:00
madaidan
4a6f87f3fa
Update control
2019-07-31 18:33:28 +00:00
Patrick Schleizer
864de10659
bumped changelog version
2019-07-31 15:17:51 +00:00
Patrick Schleizer
c09fb208d1
bumped changelog version
2019-07-31 07:44:50 +00:00
Patrick Schleizer
ac1220e14b
depend on sudo so group sudo exists during postinst
2019-07-31 07:32:59 +00:00
Patrick Schleizer
09f75fb1ff
description
2019-07-31 07:32:36 +00:00
Patrick Schleizer
2ad087dcd9
description
2019-07-31 07:30:40 +00:00
Patrick Schleizer
404f597c0a
description
2019-07-31 07:29:42 +00:00
Patrick Schleizer
c921872016
description
2019-07-31 07:27:13 +00:00
Patrick Schleizer
39e1b1c5f0
update file path
2019-07-31 07:26:25 +00:00
Patrick Schleizer
031a1c8751
bumped changelog version
2019-07-22 01:16:18 +00:00
Patrick Schleizer
8c538ba318
bumped changelog version
2019-07-17 21:38:26 +00:00
Patrick Schleizer
940054d53f
bumped changelog version
2019-07-17 21:08:23 +00:00
Patrick Schleizer
c0a4a10d6b
description
2019-07-17 21:05:11 +00:00
Patrick Schleizer
7352b2ac31
description
2019-07-17 21:03:54 +00:00
Patrick Schleizer
4bf2360b95
description
2019-07-17 21:02:27 +00:00
Patrick Schleizer
9f2e300e72
description
2019-07-17 20:48:33 +00:00
Patrick Schleizer
d044780c04
description
2019-07-17 20:42:14 +00:00
Patrick Schleizer
75e5714d18
description
2019-07-17 20:40:01 +00:00
Patrick Schleizer
8c2f983578
description
2019-07-17 20:39:42 +00:00
Patrick Schleizer
50036b2934
bumped changelog version
2019-07-17 19:13:57 +00:00
Patrick Schleizer
1b772c6a9a
bumped changelog version
2019-07-16 19:45:52 +00:00
Patrick Schleizer
2499ae0890
description
2019-07-16 07:28:50 -04:00
Patrick Schleizer
d0124b24d1
description
2019-07-16 07:27:56 -04:00
Patrick Schleizer
4b604bbb24
bumped changelog version
2019-07-15 13:26:47 +00:00
Patrick Schleizer
5c741d2149
shuffle
2019-07-15 13:02:30 +00:00
Patrick Schleizer
d247b7534b
sort description by categories
2019-07-15 13:01:46 +00:00
Patrick Schleizer
168ea5a660
shuffle
2019-07-15 08:48:17 -04:00
Patrick Schleizer
1731196c9f
bumped changelog version
2019-07-13 18:51:32 +00:00
Patrick Schleizer
7afddb028f
bumped changelog version
2019-07-13 16:30:39 +00:00
Patrick Schleizer
ea90f95f1c
cleanup
2019-07-13 16:26:40 +00:00
Patrick Schleizer
ea8b22ee78
shuffle
2019-07-13 16:26:14 +00:00
Patrick Schleizer
ca7e0e0161
description
2019-07-13 16:25:08 +00:00
Patrick Schleizer
ffb5a9c482
formatting
2019-07-13 16:23:39 +00:00
Patrick Schleizer
41675ddcff
removed: The amount of hashing rounds used by shadow is bumped to 65536.
...
This increases the security of hashed passwords.
Since we do not do that currently.
https://forums.whonix.org/t/restrict-root-access/7658/37
2019-07-13 16:21:34 +00:00
Patrick Schleizer
3f031a297d
Removes read, write and execute access for others for all users who have home
...
folders under folder /home by running for example "chmod o-rwx /home/user"
during package installation or upgrade. This will be done only once per folder
in folder /home so users who wish to relax file permissions are free to do so.
This is to protect previously created files in user home folder which were
previously created with lax file permissions prior installation of this
package.
2019-07-13 16:20:14 +00:00
Patrick Schleizer
4740e8b335
cleanup
2019-07-13 16:13:55 +00:00
Patrick Schleizer
834fcc4671
bumped changelog version
2019-07-13 15:17:16 +00:00
Patrick Schleizer
e2b6268702
bumped changelog version
2019-07-13 14:58:47 +00:00
Patrick Schleizer
1d8a0dbec7
remove no longer shipped files in etc/pam.d/*
2019-07-13 14:57:51 +00:00
Patrick Schleizer
8e5d45352e
bumped changelog version
2019-07-13 14:55:31 +00:00
Patrick Schleizer
4079632d1a
remove modifying to /etc/pam.d directly (unrelased)
...
config-package-dev displace /etc/securetty
remove trailing spaces
https://forums.whonix.org/t/restrict-root-access/7658/31
2019-07-13 11:41:37 +00:00
Patrick Schleizer
cdb7c6f7eb
bumped changelog version
2019-07-11 18:28:04 +00:00
Patrick Schleizer
aee6b34635
fix lintian warning
2019-07-11 18:26:17 +00:00
madaidan
1aee08fa5e
Update control
2019-07-11 15:30:09 +00:00
madaidan
853c2eb377
Update control
2019-07-11 15:26:14 +00:00
Patrick Schleizer
f5356cee2c
bumped changelog version
2019-07-11 07:16:38 +00:00