Patrick Schleizer
44d62e05b5
Merge pull request #29 from onions-knight/patch-1
...
Update uncommon-network-protocols.conf
2019-08-19 12:45:52 +00:00
onions-knight
a8b6281119
Update uncommon-network-protocols.conf
...
Removing llc from blacklisted network protocols as it is needed by KVM for networking.
See https://hub.packtpub.com/kvm-networking-libvirt/ and https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107
2019-08-19 11:30:57 +00:00
Patrick Schleizer
0140df8668
virusforget
2019-08-19 08:43:28 +00:00
Patrick Schleizer
113ab42568
virusforget
2019-08-19 08:31:23 +00:00
Patrick Schleizer
416906d4f9
virusforget
2019-08-19 08:19:35 +00:00
Patrick Schleizer
2d867d9fee
virusforget
2019-08-19 08:10:18 +00:00
Patrick Schleizer
8e76e6b8b3
fix
2019-08-19 07:48:12 +00:00
Patrick Schleizer
3f068f77fe
keep cache folder outside of reach of user since even user can remove files
...
owned by root in its home folder
2019-08-19 07:47:20 +00:00
Patrick Schleizer
1fa1efa58e
credits
2019-08-19 07:22:09 +00:00
Patrick Schleizer
1e026a3ebb
initial development version of VirusForget
2019-08-18 22:50:44 +00:00
Patrick Schleizer
e15b560305
bumped changelog version
2019-08-17 10:54:08 +00:00
Patrick Schleizer
c897682794
readme
2019-08-17 10:53:45 +00:00
Patrick Schleizer
e535232728
description
2019-08-17 10:37:49 +00:00
Patrick Schleizer
7ffdd7c240
description
2019-08-17 10:37:42 +00:00
Patrick Schleizer
207399439f
description
2019-08-17 10:37:36 +00:00
Patrick Schleizer
d4fb485e70
description
2019-08-17 10:35:31 +00:00
Patrick Schleizer
41b2819ec8
PAM: abort on locked password
...
to avoid needlessly bumping pam_tally2 counter
https://forums.whonix.org/t/restrict-root-access/7658/1
2019-08-17 10:33:47 +00:00
Patrick Schleizer
e0e25364e2
bumped changelog version
2019-08-17 09:57:48 +00:00
Patrick Schleizer
cfd18d4486
readme
2019-08-17 09:56:29 +00:00
Patrick Schleizer
ed90d8b025
change default umask to 027
...
as per:
https://forums.whonix.org/t/change-default-umask/7416/47
2019-08-17 09:55:20 +00:00
Patrick Schleizer
b9127faac3
bumped changelog version
2019-08-16 16:05:51 +00:00
Patrick Schleizer
e004a5e0cf
readme
2019-08-16 16:05:25 +00:00
Patrick Schleizer
f9e3825e91
fix lintian warning
2019-08-16 16:05:09 +00:00
Patrick Schleizer
ec99720811
bumped changelog version
2019-08-16 15:59:14 +00:00
Patrick Schleizer
6a68c3bd9c
readme
2019-08-16 15:57:30 +00:00
Patrick Schleizer
224f95799c
sudo default umask 006
...
https://forums.whonix.org/t/change-default-umask/7416/43
2019-08-16 11:15:25 -04:00
Patrick Schleizer
17cfcb63b6
code simplification; report locked account earlier
2019-08-16 10:50:56 -04:00
Patrick Schleizer
5754671c46
Merge remote-tracking branch 'origin/master'
2019-08-16 10:36:43 -04:00
Patrick Schleizer
9781598632
Merge pull request #27 from madaidan/patch-21
...
Blacklist bluetooth
2019-08-16 14:36:00 +00:00
Patrick Schleizer
85502ad430
Merge branch 'master' into patch-21
2019-08-16 14:35:51 +00:00
Patrick Schleizer
34672b88a8
bumped changelog version
2019-08-15 15:18:02 +00:00
Patrick Schleizer
a11e3cea9e
readme
2019-08-15 15:08:48 +00:00
Patrick Schleizer
ff9bc1d7ea
informational output during PAM:
...
* Show failed and remaining password attempts.
* Document unlock procedure if Linux user account got locked.
* Point out, that there is no password feedback for `su`.
* Explain locked (root) account if locked.
* /usr/share/pam-configs/tally2-security-misc
* /usr/lib/security-misc/pam_tally2-info
2019-08-15 13:37:28 +00:00
Patrick Schleizer
454e135822
pam_tally2.so even_deny_root
2019-08-15 07:33:41 +00:00
Patrick Schleizer
63b476221c
use requisite rather than required to avoid asking for password needlessly
...
if login will fail anyhow
2019-08-15 07:30:56 +00:00
Patrick Schleizer
ce4a30d3ce
bumped changelog version
2019-08-14 11:52:26 +00:00
Patrick Schleizer
a7c25a451c
remove unneeded dependency on libpam-cgfs
2019-08-14 11:50:53 +00:00
Patrick Schleizer
633854c6be
bumped changelog version
2019-08-14 11:13:25 +00:00
Patrick Schleizer
0feb54b28e
add Depends: apparmor-profile-anondist to fix apparmor issue
...
sudo[19806]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied
sudo[18961]: pam_exec(sudo:session): /usr/lib/security-misc/permission-lockdown failed: exit code 13
kernel: audit: type=1400 audit(1565780860.972:224): apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=19806 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
2019-08-14 11:10:18 +00:00
Patrick Schleizer
8fdc77fed5
output to stdout
2019-08-14 10:33:23 +00:00
Patrick Schleizer
5213cfbcdc
bumped changelog version
2019-08-14 10:08:18 +00:00
Patrick Schleizer
2875adb722
readme
2019-08-14 10:07:55 +00:00
Patrick Schleizer
01b3a0bfae
description
2019-08-14 09:52:53 +00:00
Patrick Schleizer
547ba91d79
sanity test
2019-08-14 09:45:30 +00:00
Patrick Schleizer
dee195d89e
description
2019-08-14 09:40:41 +00:00
Patrick Schleizer
799acad724
skip, if not a folder
2019-08-14 09:39:43 +00:00
Patrick Schleizer
6321ff5ad5
refactoring
2019-08-14 09:38:44 +00:00
Patrick Schleizer
15094cab4f
avoid ' character in usr/share/pam-configs; in description
2019-08-14 09:36:30 +00:00
Patrick Schleizer
97d1945e61
no log needed, informative output to stdout instead
2019-08-14 09:32:58 +00:00
Patrick Schleizer
a085d46c56
change priories so "pam_umask.so usergroups umask=006" runs before pam_exec.so /usr/lib/security-misc/permission-lockdown
2019-08-14 09:31:58 +00:00