madaidan
|
5da2a27bf0
|
Distrust the CPU for initial entropy
|
2019-12-02 16:43:00 +00:00 |
|
Patrick Schleizer
|
6ca48fffdc
|
bumped changelog version
|
2019-11-28 10:22:41 -05:00 |
|
Patrick Schleizer
|
ab696f5571
|
readme
|
2019-11-28 10:05:39 -05:00 |
|
Patrick Schleizer
|
25aed91eb1
|
description
|
2019-11-28 09:20:46 -05:00 |
|
Patrick Schleizer
|
0c4e5df3e0
|
description
|
2019-11-28 09:18:05 -05:00 |
|
Patrick Schleizer
|
5ac2a6f9ac
|
description
|
2019-11-28 09:17:32 -05:00 |
|
Patrick Schleizer
|
ff3412fbe0
|
fix, make sure to undo pam changes on package removal
Thanks to minimal for the bug report!
https://forums.whonix.org/t/is-security-misc-suitable-for-hardening-bridges-and-relays/8299/11
|
2019-11-27 10:22:31 -05:00 |
|
Patrick Schleizer
|
62b924eea7
|
Merge remote-tracking branch 'origin/master'
|
2019-11-26 13:00:36 -05:00 |
|
Patrick Schleizer
|
ba02dcb267
|
Merge pull request #37 from madaidan/apparmor-fixes
Fix permission-lockdown
|
2019-11-26 18:00:11 +00:00 |
|
madaidan
|
d9d6d07714
|
/dev/pts/[0-9]* rw,
|
2019-11-26 17:12:12 +00:00 |
|
Patrick Schleizer
|
9091f69edd
|
bumped changelog version
|
2019-11-25 08:51:36 +00:00 |
|
Patrick Schleizer
|
57ce06c0eb
|
readme
|
2019-11-25 08:41:45 +00:00 |
|
Patrick Schleizer
|
aa5451c8cd
|
Lock user accounts after 50 rather than 100 failed login attempts.
https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698/19
|
2019-11-25 01:39:53 -05:00 |
|
Patrick Schleizer
|
6277db1383
|
bumped changelog version
|
2019-11-23 14:07:45 +00:00 |
|
Patrick Schleizer
|
6a6a638ef0
|
readme
|
2019-11-23 14:06:28 +00:00 |
|
Patrick Schleizer
|
fe1f1b73a7
|
load jitterentropy_rng kernel module for better entropy collection
https://www.whonix.org/wiki/Dev/Entropy
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927972
https://forums.whonix.org/t/jitterentropy-rngd/7204
|
2019-11-23 11:20:32 +00:00 |
|
Patrick Schleizer
|
d32024a3da
|
/usr/sbin/pam_tally2 mrix,
https://forums.whonix.org/t/apparmor-for-complete-system-including-init-pid1-systemd-everything-full-system-mac-policy/8339/152
|
2019-11-23 05:53:19 -05:00 |
|
Patrick Schleizer
|
03e8023847
|
output
|
2019-11-22 14:11:30 -05:00 |
|
Patrick Schleizer
|
e76e1475b0
|
comment
|
2019-11-22 12:24:35 -05:00 |
|
Patrick Schleizer
|
a99dfd067a
|
bumped changelog version
|
2019-11-19 15:31:55 +00:00 |
|
Patrick Schleizer
|
81e4f580af
|
etc/apparmor.d/usr.lib.security-misc.permission-lockdown: /usr/bin/chmod mrix,
|
2019-11-19 15:29:02 +00:00 |
|
Patrick Schleizer
|
8ad8dbea5a
|
bumped changelog version
|
2019-11-18 19:16:16 +00:00 |
|
Patrick Schleizer
|
9a20b85fe1
|
Merge remote-tracking branch 'origin/master'
|
2019-11-17 11:20:17 -05:00 |
|
Patrick Schleizer
|
2b17c0f3e4
|
Merge pull request #36 from madaidan/hidepid-fix
Remove proc-hidepid systemd sandboxing
|
2019-11-17 16:19:55 +00:00 |
|
madaidan
|
e92022a21c
|
Remove systemd sandboxing
|
2019-11-16 14:56:28 +00:00 |
|
Patrick Schleizer
|
477d476bb1
|
etc/apparmor.d/usr.lib.security-misc.pam_tally2-info: add '#include <abstractions/base>'
|
2019-11-10 08:29:44 -05:00 |
|
Patrick Schleizer
|
11dc23bf08
|
etc/apparmor.d/usr.lib.security-misc.permission-lockdown: add '#include <abstractions/base>'
|
2019-11-10 08:28:32 -05:00 |
|
Patrick Schleizer
|
d1d61b106b
|
bumped changelog version
|
2019-11-09 18:44:50 +00:00 |
|
Patrick Schleizer
|
9f2932faab
|
/usr/bin/id rix,
|
2019-11-09 13:32:21 -05:00 |
|
Patrick Schleizer
|
6b7df973f6
|
bumped changelog version
|
2019-11-09 12:57:45 +00:00 |
|
Patrick Schleizer
|
2e73c053b5
|
fix lintian warning
|
2019-11-09 12:55:00 +00:00 |
|
Patrick Schleizer
|
6e28774f95
|
bumped changelog version
|
2019-11-09 12:23:15 +00:00 |
|
Patrick Schleizer
|
94d40c68d4
|
do not set kernel boot parameter page_poison=1 in Qubes since does not work
https://github.com/QubesOS/qubes-issues/issues/5212#issuecomment-533873012
|
2019-11-05 10:02:55 -05:00 |
|
Patrick Schleizer
|
f57702c158
|
comments; copyright
|
2019-11-05 09:55:43 -05:00 |
|
Patrick Schleizer
|
74293bcd2f
|
output
|
2019-11-05 01:59:25 -05:00 |
|
Patrick Schleizer
|
2b5b06b602
|
output
|
2019-11-05 01:59:19 -05:00 |
|
Patrick Schleizer
|
d6977becba
|
refactoring
|
2019-11-05 01:51:14 -05:00 |
|
Patrick Schleizer
|
daf0006795
|
comment
|
2019-11-05 01:50:27 -05:00 |
|
Patrick Schleizer
|
78defc4d0b
|
add /var/cache/security-misc/state-files/placeholder file
to make sure folder already exists to avoid AppArmor issue
https://forums.whonix.org/t/apparmor-for-complete-system-including-init-pid1-systemd-everything-full-system-mac-policy/8339/76
|
2019-11-03 04:34:31 -05:00 |
|
Patrick Schleizer
|
7c0ec7e507
|
readme
|
2019-11-03 04:23:40 -05:00 |
|
Patrick Schleizer
|
b55c2fd62e
|
Enables punycode (network.IDN_show_punycode ) by default in Thunderbird
to make phising attacks more difficult. Fixing URL not showing real Domain
Name (Homograph attack).
https://forums.whonix.org/t/enable-network-idn-show-punycode-by-default-in-thunderbird-to-fix-url-not-showing-real-domain-name-homograph-attack-punycode/8415
|
2019-11-03 02:50:51 -05:00 |
|
Patrick Schleizer
|
bf62306d4f
|
bumped changelog version
|
2019-10-31 16:34:35 +00:00 |
|
Patrick Schleizer
|
e1375802eb
|
apparmor fix
https://forums.whonix.org/t/apparmor-for-complete-system-including-init-pid1-systemd-everything-full-system-mac-policy/8339/67
|
2019-10-31 16:32:28 +00:00 |
|
Patrick Schleizer
|
6e5d8b357d
|
bumped changelog version
|
2019-10-31 16:06:51 +00:00 |
|
Patrick Schleizer
|
203d5cfa68
|
copyright
|
2019-10-31 11:19:44 -04:00 |
|
Patrick Schleizer
|
f001250ae6
|
Merge remote-tracking branch 'origin/master'
|
2019-10-28 10:31:30 -04:00 |
|
Patrick Schleizer
|
5a3cbe8100
|
Merge pull request #35 from madaidan/apparmor
Apparmor profiles
|
2019-10-28 14:30:45 +00:00 |
|
madaidan
|
0e49bdc45f
|
Licensing
|
2019-10-28 14:26:14 +00:00 |
|
madaidan
|
5d5ad92638
|
Licensing
|
2019-10-28 14:26:05 +00:00 |
|
madaidan
|
0699747fcb
|
Debian packaging
|
2019-10-28 14:24:37 +00:00 |
|