Commit Graph

2258 Commits

Author SHA1 Message Date
Raja Grewal
f550fbe07c
Add option to disable the entire IPv6 stack functionality 2024-07-15 01:59:04 +10:00
Raja Grewal
a33d4cd099
Refactor existing kernel parameters for clarity 2024-07-15 01:56:25 +10:00
Raja Grewal
acd60e45d8
Add comment about enabling core dump files 2024-07-14 20:07:31 +10:00
Raja Grewal
5cf9afc215
Include optional sysctl's in README.md 2024-07-14 17:05:49 +10:00
Raja Grewal
2b9e174c9d
Remove empty lines 2024-07-14 16:22:52 +10:00
Raja Grewal
dd1741c4a1
Some documentation additions and fixes 2024-07-14 13:40:53 +10:00
Raja Grewal
565597c9a2
Minor documentation changes and fixes 2024-07-14 01:21:24 +10:00
Patrick Schleizer
5ba5a85ad0
bumped changelog version 2024-07-13 15:01:16 +00:00
Patrick Schleizer
ad860063ab
Merge remote-tracking branch 'raja/modprobe' 2024-07-13 10:55:45 -04:00
Raja Grewal
9f58266546
Move nf_conntrack_helper disabling into separate file 2024-07-13 23:32:01 +10:00
Raja Grewal
8f2ec75f81
Clarify README.mmd relating to module disabling 2024-07-13 23:30:55 +10:00
Raja Grewal
98580bb39a
Update modprobe presentation 2024-07-13 23:29:52 +10:00
Raja Grewal
2de3a79599
Refactor existing sysctl for clarity 2024-07-13 22:41:40 +10:00
Patrick Schleizer
f34b9d7c45
Merge remote-tracking branch 'raja/modules' 2024-07-13 06:14:43 -04:00
Raja Grewal
5f10cc8bcf
Update README.md relating to modprobe 2024-07-12 16:22:10 +10:00
Raja Grewal
41a3bf92fb
Sort 30_security-misc_disable.conf 2024-07-12 16:21:41 +10:00
Raja Grewal
f31dc8aebc
Fix error in error script 2024-07-12 16:21:03 +10:00
Raja Grewal
b02230a783
Split modprobe into blacklisted and disabled configurations 2024-07-12 02:42:37 +10:00
Raja Grewal
fc792ff232
Alphabetically sort existing modprobe 2024-07-12 02:29:36 +10:00
Raja Grewal
fe20f3240e
Refactor existing modprobe for clarity 2024-07-12 02:28:48 +10:00
Raja Grewal
275a4ffc11
Remove redundant disabled modules 2024-07-12 02:27:56 +10:00
Ben Grande
b7796a5334
Unify method to find SUID files 2024-07-11 11:04:22 +02:00
Patrick Schleizer
05c1711b16
bumped changelog version 2024-06-11 12:56:56 +00:00
Patrick Schleizer
e48115588c
Merge remote-tracking branch 'github-kicksecure/master' 2024-06-11 07:25:47 -04:00
Patrick Schleizer
cad8d85755
Merge pull request #227 from 3uryd1ce/fix-pam.d-path
fix(etc): delete typo in /etc/apparmor.d tunables
2024-06-11 07:25:07 -04:00
Ashlen
e198447866 fix(etc): delete typo in /etc/apparmor.d tunables
/etc/pam.d was present twice in a row ("/etc/pam.d//etc/pam.d") in this
file: /etc/apparmor.d/tunables/home.d/security-misc.
2024-06-08 22:17:05 -06:00
Patrick Schleizer
b316352ede
bumped changelog version 2024-06-01 18:13:08 +00:00
Patrick Schleizer
c815304026
readme 2024-06-01 14:12:57 -04:00
Patrick Schleizer
641e98e577
bumped changelog version 2024-06-01 17:35:04 +00:00
Patrick Schleizer
e0cd9579d6
remove duplicate fsckobjects = true from /etc/gitconfig 2024-06-01 13:32:13 -04:00
Patrick Schleizer
bbe64a0b79
bumped changelog version 2024-05-28 12:04:53 +00:00
Patrick Schleizer
ae24a97d4d
Merge remote-tracking branch 'github-kicksecure/master' 2024-05-28 08:02:21 -04:00
Patrick Schleizer
a735857852
Merge pull request #226 from Kicksecure/gitconfig
add `/etc/gitconfig` by default for better `git` security
2024-05-28 07:55:31 -04:00
Patrick Schleizer
4efa293f3b
add /etc/gitconfig by default for better git security
```
[core]
	symlinks = false

[transfer]
	fsckobjects = true
	fsckobjects = true
[fetch]
	fsckobjects = true
	fsckobjects = true
[receive]
	fsckobjects = true
	fsckobjects = true
```

+ additional suggestions as comments

fixes https://github.com/Kicksecure/security-misc/issues/225
2024-05-28 07:51:06 -04:00
Patrick Schleizer
bfca98ea89
bumped changelog version 2024-05-18 20:45:12 +00:00
Patrick Schleizer
eb82884fb2
Merge remote-tracking branch 'github-kicksecure/master' 2024-05-18 16:42:41 -04:00
Patrick Schleizer
12e006ef9c
Merge pull request #222 from raja-grewal/text
Update Readme and Copyright
2024-05-18 16:30:07 -04:00
raja-grewal
2f716050d1
Update README.md 2024-05-12 01:06:34 +00:00
Raja Grewal
1bb843ec38
Update Copyright (C) to 2024 2024-05-11 13:18:36 +10:00
Raja Grewal
dddac1dc40
Update README.md 2024-05-11 13:15:42 +10:00
Patrick Schleizer
5867b1b014
bumped changelog version 2024-05-10 11:20:36 +00:00
Patrick Schleizer
9b589bc311
comment 2024-05-10 06:49:34 -04:00
Patrick Schleizer
8d01fc2d35
chmod +x 2024-05-10 06:48:26 -04:00
Patrick Schleizer
8a28c1bc38
Merge remote-tracking branch 'github-kicksecure/master' 2024-05-10 06:48:04 -04:00
Patrick Schleizer
0f1119f326
Merge pull request #221 from raja-grewal/firewire
Disable Firewire Module
2024-05-10 06:45:57 -04:00
Patrick Schleizer
547757f451
Merge pull request #220 from raja-grewal/block_gps
Block Several GPS-related Modules
2024-05-10 06:45:34 -04:00
Patrick Schleizer
7b9fe44a20
Merge pull request #219 from raja-grewal/logging_martians
Revert Logging of Martians
2024-05-10 06:43:43 -04:00
Patrick Schleizer
62ea4dc176
Merge pull request #218 from raja-grewal/secure_cpu
More CPU Mitigations and Additional References
2024-05-10 06:43:15 -04:00
raja-grewal
677f75ae8e
Disable firewire-net module 2024-05-09 02:34:02 +00:00
raja-grewal
06f13bb766
Disable GPS modules like GNSS 2024-05-09 02:28:53 +00:00