Raja Grewal
|
f055fe5da2
|
Disable asynchronous I/O
io_uring creation is disabled for all processes. io_uring_setup always fails with -EPERM. Existing io_uring instances can still be used.
|
2023-12-15 08:33:36 +00:00 |
|
Patrick Schleizer
|
99f2edd4f6
|
bumped changelog version
|
2023-12-12 16:51:21 +00:00 |
|
Patrick Schleizer
|
039de1dc9b
|
add hardened fstab /usr/share/doc/security-misc/fstab-vm
to the documentation folder as an example
not directly used by security-misc
will later be used by Kicksecure VM build process
https://github.com/Kicksecure/security-misc/issues/157
|
2023-12-12 11:50:11 -05:00 |
|
Patrick Schleizer
|
dcaafa6c8b
|
bumped changelog version
|
2023-12-04 17:06:45 +00:00 |
|
Patrick Schleizer
|
5a73817a95
|
move to /usr/lib/issue.d/20_security-misc.issue
https://github.com/Kicksecure/security-misc/pull/167
|
2023-12-04 11:38:49 -05:00 |
|
Patrick Schleizer
|
dfaea492c7
|
remove etc/issue.net.d/20_security-misc
since not mentioned on debian.org
|
2023-12-04 11:37:02 -05:00 |
|
Patrick Schleizer
|
69c895af09
|
Merge remote-tracking branch 'github-kicksecure/master'
|
2023-12-04 11:27:53 -05:00 |
|
Patrick Schleizer
|
36850f89fb
|
Merge pull request #167 from monsieuremre/patch-4
Non-Identifiable and Generic Issue Banners that include the Recommended Keywords
|
2023-12-04 11:27:16 -05:00 |
|
Patrick Schleizer
|
c9ea7a4dca
|
use amd_iommu=force_isolation instead of amd_iommu=force_enable
because we set `iommu=force` already anyhow
fixes https://github.com/Kicksecure/security-misc/issues/175
|
2023-12-04 11:02:55 -05:00 |
|
Patrick Schleizer
|
e83c1d7ed6
|
Merge remote-tracking branch 'github-kicksecure/master'
|
2023-12-04 11:01:02 -05:00 |
|
Patrick Schleizer
|
befd21e0c0
|
Merge pull request #176 from monsieuremre/patch-1
Iommu Kernel Parameters
|
2023-12-04 11:00:29 -05:00 |
|
Patrick Schleizer
|
c4e21ca5f4
|
added development philosophy
https://github.com/Kicksecure/security-misc/issues/154
|
2023-12-04 10:58:16 -05:00 |
|
Patrick Schleizer
|
feab1432f9
|
clarify scope
https://github.com/Kicksecure/security-misc/issues/154
|
2023-12-04 10:48:27 -05:00 |
|
Patrick Schleizer
|
dc04040cb3
|
typo
|
2023-12-04 10:36:48 -05:00 |
|
Patrick Schleizer
|
2634dbff2b
|
shuffle
|
2023-12-04 10:36:21 -05:00 |
|
monsieuremre
|
f2ad8383cf
|
fix
|
2023-12-03 19:51:38 +00:00 |
|
monsieuremre
|
dd15823a97
|
undo superfluousness
|
2023-12-03 19:50:07 +00:00 |
|
monsieuremre
|
83e13bb62d
|
Update 40_enable_iommu.cfg
|
2023-12-03 19:42:34 +00:00 |
|
monsieuremre
|
0d7af9707f
|
Update 20_security-misc
|
2023-12-03 19:31:12 +00:00 |
|
monsieuremre
|
04d27a10b0
|
Update 20_security-misc
|
2023-12-03 19:30:55 +00:00 |
|
monsieuremre
|
7963f811e1
|
Merge branch 'Kicksecure:master' into patch-4
|
2023-12-03 19:30:22 +00:00 |
|
Patrick Schleizer
|
82bd9138de
|
bumped changelog version
|
2023-11-20 13:13:10 +00:00 |
|
Patrick Schleizer
|
c2b3ff5243
|
moved libpam-tmpdir dependency to kicksecure-meta-packages
https://github.com/Kicksecure/security-misc/pull/147
|
2023-11-20 04:40:28 -05:00 |
|
monsieuremre
|
c8b9f5a917
|
net
|
2023-11-18 10:03:19 +00:00 |
|
monsieuremre
|
3b614f3753
|
20_security-misc
|
2023-11-18 10:02:16 +00:00 |
|
Patrick Schleizer
|
4e4df5dd7c
|
bumped changelog version
|
2023-11-11 22:29:57 +00:00 |
|
Patrick Schleizer
|
a51674410c
|
fix
|
2023-11-11 17:29:37 -05:00 |
|
Patrick Schleizer
|
8d58077d68
|
bumped changelog version
|
2023-11-11 20:22:34 +00:00 |
|
Patrick Schleizer
|
5b85a0b34d
|
license
|
2023-11-11 14:46:35 -05:00 |
|
Patrick Schleizer
|
7757080519
|
change license to AGPL-3+
https://forums.whonix.org/t/license-change-to-agplv3/17455
|
2023-11-11 13:41:28 -05:00 |
|
Patrick Schleizer
|
20f804f19c
|
bumped changelog version
|
2023-11-06 17:28:21 -05:00 |
|
Patrick Schleizer
|
a1e00be0e0
|
update link
|
2023-11-06 16:58:23 -05:00 |
|
Patrick Schleizer
|
5bb357cac0
|
spice-client-glib-usb-acl-helper matchwhitelist
|
2023-11-06 16:55:00 -05:00 |
|
Patrick Schleizer
|
7309445ee5
|
comment
|
2023-11-06 16:52:27 -05:00 |
|
Patrick Schleizer
|
f09d97fc9e
|
whitelist VirtualBox
|
2023-11-06 16:50:19 -05:00 |
|
Patrick Schleizer
|
64c8c7a8d5
|
whitelist SSH
|
2023-11-06 16:47:31 -05:00 |
|
Patrick Schleizer
|
9682b51d54
|
whitelist virtualbox
|
2023-11-06 16:44:36 -05:00 |
|
Patrick Schleizer
|
a40b9bc095
|
comments
|
2023-11-06 16:40:22 -05:00 |
|
Patrick Schleizer
|
2c1a3da433
|
VirtualBoxVM matchwhitelist
|
2023-11-06 16:38:50 -05:00 |
|
Patrick Schleizer
|
4e96ffaabb
|
chrome-sandbox matchwhitelist
|
2023-11-06 16:37:19 -05:00 |
|
Patrick Schleizer
|
df5f3e8056
|
output
|
2023-11-06 16:36:22 -05:00 |
|
Patrick Schleizer
|
72f6e6bb9c
|
output
|
2023-11-06 16:28:23 -05:00 |
|
Patrick Schleizer
|
3bc831a1f7
|
lintian
|
2023-11-06 16:27:29 -05:00 |
|
Patrick Schleizer
|
fd1f38b2eb
|
remount-secure systemd unit
https://github.com/Kicksecure/security-misc/pull/152
|
2023-11-06 16:22:42 -05:00 |
|
Patrick Schleizer
|
79f9c1fb3a
|
add sysinit-post.target
https://github.com/Kicksecure/security-misc/pull/152
|
2023-11-06 15:48:09 -05:00 |
|
Patrick Schleizer
|
2de5ab4120
|
clarify scope of application specific hardening
fixes https://github.com/Kicksecure/security-misc/issues/154
|
2023-11-06 13:47:30 -05:00 |
|
Patrick Schleizer
|
5a96616b39
|
bumped changelog version
|
2023-11-05 21:13:14 -05:00 |
|
Patrick Schleizer
|
ad079ac5cc
|
readme
https://github.com/Kicksecure/security-misc/pull/152
|
2023-11-05 20:55:55 -05:00 |
|
Patrick Schleizer
|
be023c7722
|
readme
https://github.com/Kicksecure/security-misc/issues/159
|
2023-11-05 20:54:43 -05:00 |
|
Patrick Schleizer
|
e1f413c1ee
|
disable harden-module-loading.service for now
due to issues
https://github.com/Kicksecure/security-misc/issues/159
|
2023-11-05 20:53:26 -05:00 |
|