Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,320 Commits 2 Branches 291 Tags 8.2 MiB
a132980023
Commit Graph

189 Commits

Author SHA1 Message Date
Raja Grewal
69c8e84927
Fix typos 2024-07-15 14:38:21 +10:00
Raja Grewal
48e1ac4163
Remove the optional slub_debug parameter since it is no longer recommended 2024-07-15 02:04:25 +10:00
Raja Grewal
99038c7a06
Add option to disable support for x86 processes and syscalls in the future 2024-07-15 02:02:01 +10:00
Raja Grewal
f550fbe07c
Add option to disable the entire IPv6 stack functionality 2024-07-15 01:59:04 +10:00
Raja Grewal
a33d4cd099
Refactor existing kernel parameters for clarity 2024-07-15 01:56:25 +10:00
Raja Grewal
acd60e45d8
Add comment about enabling core dump files 2024-07-14 20:07:31 +10:00
Raja Grewal
5cf9afc215
Include optional sysctl's in README.md 2024-07-14 17:05:49 +10:00
Raja Grewal
9f58266546
Move nf_conntrack_helper disabling into separate file 2024-07-13 23:32:01 +10:00
Raja Grewal
8f2ec75f81
Clarify README.mmd relating to module disabling 2024-07-13 23:30:55 +10:00
Raja Grewal
2de3a79599
Refactor existing sysctl for clarity 2024-07-13 22:41:40 +10:00
Raja Grewal
5f10cc8bcf
Update README.md relating to modprobe 2024-07-12 16:22:10 +10:00
Raja Grewal
b02230a783
Split modprobe into blacklisted and disabled configurations 2024-07-12 02:42:37 +10:00
Patrick Schleizer
c815304026
readme 2024-06-01 14:12:57 -04:00
raja-grewal
2f716050d1
Update README.md 2024-05-12 01:06:34 +00:00
Raja Grewal
dddac1dc40
Update README.md 2024-05-11 13:15:42 +10:00
Patrick Schleizer
0d78ecaee3
README 2024-01-16 09:26:21 -05:00
Patrick Schleizer
862bf6b5ab
Merge remote-tracking branch 'ben-grande/clean' 2024-01-16 08:19:28 -05:00
Patrick Schleizer
df0f9d3267
README 2024-01-06 09:19:57 -05:00
Patrick Schleizer
86f91e3030
revert umask 027 by default 
because broken because this also happens for root while it should not

https://github.com/Kicksecure/security-misc/issues/185
 2024-01-06 09:11:54 -05:00
Ben Grande
abf72c2ee4
Rename file permission hardening script 
Hardener as the script is the agent that is hardening the file
permissions.
 2024-01-02 13:34:29 +01:00
Patrick Schleizer
f64a869bfd
readme 2023-12-25 11:03:22 -05:00
Patrick Schleizer
0810c1ce3c
fix bluetooth in readme 
fixes https://github.com/Kicksecure/security-misc/issues/180
 2023-12-25 09:10:31 -05:00
Patrick Schleizer
37b4ab15a8
readme 2023-12-25 09:04:10 -05:00
Patrick Schleizer
79f398d219
formatting 2023-12-25 08:45:20 -05:00
Patrick Schleizer
c90ada3c39
pandoc -f markdown -t markdown --wrap=auto --columns=80 README.md -o README.md 2023-12-25 08:37:23 -05:00
Patrick Schleizer
34bf297bd1
formatting 2023-12-25 08:32:34 -05:00
Patrick Schleizer
d5fc9f6201
improve bluetooth in readme 
as suggested by @monsieuremre

https://github.com/Kicksecure/security-misc/issues/180
 2023-12-25 08:26:03 -05:00
Patrick Schleizer
5a73817a95
move to /usr/lib/issue.d/20_security-misc.issue 
https://github.com/Kicksecure/security-misc/pull/167
 2023-12-04 11:38:49 -05:00
Patrick Schleizer
c4e21ca5f4
added development philosophy 
https://github.com/Kicksecure/security-misc/issues/154
 2023-12-04 10:58:16 -05:00
Patrick Schleizer
feab1432f9
clarify scope 
https://github.com/Kicksecure/security-misc/issues/154
 2023-12-04 10:48:27 -05:00
Patrick Schleizer
2de5ab4120
clarify scope of application specific hardening 
fixes https://github.com/Kicksecure/security-misc/issues/154
 2023-11-06 13:47:30 -05:00
Patrick Schleizer
ad079ac5cc
readme 
https://github.com/Kicksecure/security-misc/pull/152
 2023-11-05 20:55:55 -05:00
Patrick Schleizer
be023c7722
readme 
https://github.com/Kicksecure/security-misc/issues/159
 2023-11-05 20:54:43 -05:00
Patrick Schleizer
42be631023
readme 2023-11-05 14:54:05 -05:00
Patrick Schleizer
93437952b4
readme 2023-11-05 14:41:01 -05:00
monsieuremre
fbd9e5d017
README.md 2023-11-04 14:33:35 +00:00
Patrick Schleizer
97054b2b10
revert enabling kernel module signature enforcement 
due to issues

https://forums.whonix.org/t/enforce-kernel-module-software-signature-verification-module-signing-disallow-kernel-module-loading-by-default/7880/63

https://github.com/dell/dkms/issues/359
 2023-11-03 15:55:17 -04:00
Patrick Schleizer
978e3e4abd
readme 2023-11-03 14:53:40 -04:00
Patrick Schleizer
c33a3d9aad
readme 2023-11-03 10:44:48 -04:00
Raja Grewal
cf003dfad8
Update comments 2023-05-16 02:11:44 +10:00
Jeremy Rand
9d23717b6d
README: Document mmap-rnd-bits 2023-05-08 13:45:18 +00:00
Patrick Schleizer
6faa050dd8
migrate ram-wipe to dedicated package 2023-01-09 06:54:04 -05:00
Raja Grewal
d500205f55
Update README.md 2022-08-21 23:03:13 +10:00
Raja Grewal
c4a1094760
Merge branch 'Kicksecure:master' into harden 2022-07-18 13:36:23 +00:00
Raja Grewal
2b237039cf
Update README.md 2022-07-13 22:25:53 +10:00
Raja Grewal
fe0cc10890
Updated README.md 2022-07-12 17:18:47 +10:00
Patrick Schleizer
26b2c9727f
not blacklist CD-ROM / DVD yet 
https://forums.whonix.org/t/blacklist-more-kernel-modules-to-reduce-attack-surface/7989/31
 2022-07-07 15:39:40 -04:00
Patrick Schleizer
d5c1650341
shuffle 2022-07-07 15:28:09 -04:00
raja-grewal
28381e81d4
Update README.md 2022-07-07 09:28:30 +00:00
Patrick Schleizer
92ff868ece
readme 2022-07-05 11:05:36 -04:00
Patrick Schleizer
b8ba608535
readme 2022-07-05 10:57:28 -04:00
Patrick Schleizer
949edf3e17
readme 2022-07-05 10:48:58 -04:00
Patrick Schleizer
8f03ce049a
readme 2022-07-05 10:41:55 -04:00
Patrick Schleizer
d7dd188651
remove unicode 2022-06-08 09:27:02 -04:00
Patrick Schleizer
55d16e1602
remove unicode 2022-06-08 09:04:03 -04:00
Patrick Schleizer
4a3ed17160
readme 2022-05-19 17:25:58 -04:00
Patrick Schleizer
a4e18a2ae8
dracut reproducible=yes 2021-09-04 18:28:37 -04:00
Patrick Schleizer
08adf4a07d
readme 2021-08-17 15:23:49 -04:00
Patrick Schleizer
2bf0e7471c
port from pam_tally2 to pam_faillock 
since pam_tally2 was deprecated upstream
 2021-08-10 15:11:01 -04:00
Patrick Schleizer
50bdd097df
move /usr/lib/security-misc to /usr/libexec/security-misc as per lintian FHS 2021-08-03 12:56:31 -04:00
Patrick Schleizer
0492f28aa1
enable "apt-get --error-on=any" by default 
makes apt exit non-zero for transient failures

`/etc/apt/apt.conf.d/40error-on-any`

https://forums.whonix.org/t/debian-bullseye-apt-get-error-on-any/12068
 2021-08-03 12:37:39 -04:00
Patrick Schleizer
ddd62c1eef
readme 2021-01-12 03:24:11 -05:00
madaidan
3066b5ad97
Overhaul documentation 2021-01-12 02:17:13 +00:00
Patrick Schleizer
ac8bc4f006
readme 2020-07-29 06:30:07 -04:00
Patrick Schleizer
cb51847085
readme 2020-04-15 14:05:37 -04:00
Patrick Schleizer
e0b8640fb9
readme 2020-04-13 06:56:34 -04:00
Patrick Schleizer
67b9d06b25
readme 2020-04-09 09:45:29 +00:00
Patrick Schleizer
0441f2ed7a
readme 2020-04-08 12:30:05 +00:00
Patrick Schleizer
350a15dfbf
readme 2020-04-06 13:22:32 -04:00
Patrick Schleizer
ae8c5fff3c
readme 2020-04-02 07:22:47 -04:00
Patrick Schleizer
76eb9579a3
readme 2020-03-05 08:33:00 -05:00
Patrick Schleizer
1dea4dbcf6
readme 2020-03-03 09:18:38 -05:00
Patrick Schleizer
201d6b5efc
readme 2020-03-03 09:07:42 -05:00
Patrick Schleizer
32269d32b6
description 2020-02-29 04:59:15 -05:00
Patrick Schleizer
d04d4bf095
description 2020-02-25 02:08:10 -05:00
Patrick Schleizer
3df008f0b9
readme 2020-02-15 15:28:30 -05:00
Patrick Schleizer
d1fa191bc0
readme 2020-02-13 13:38:21 -05:00
Patrick Schleizer
4df0d6c01c
readme 2020-01-30 01:22:06 -05:00
Patrick Schleizer
07dcb32fc2
readme 2020-01-24 11:55:38 -05:00
Patrick Schleizer
be79f0688a
readme 2020-01-24 04:40:20 -05:00
Patrick Schleizer
bac6cd601b
readme 2020-01-24 04:33:54 -05:00
Patrick Schleizer
ca057713e2
readme 2020-01-24 03:39:04 -05:00
Patrick Schleizer
1304341868
readme 2020-01-17 03:10:56 -05:00
Patrick Schleizer
0f17596aac
readme 2020-01-15 11:35:41 -05:00
Patrick Schleizer
73e830d0ac
readme 2020-01-15 10:08:57 -05:00
Patrick Schleizer
2078cd237f
readme 2020-01-14 09:18:30 -05:00
Patrick Schleizer
130a4cf6d4
readme 2020-01-11 15:17:06 -05:00
Patrick Schleizer
046ceeae4d
readme 2019-12-23 03:57:36 -05:00
Patrick Schleizer
0409aac3ae
readme 2019-12-23 02:09:04 -05:00
Patrick Schleizer
161b6f6b88
readme 2019-12-21 07:49:29 -05:00
Patrick Schleizer
65248a94ef
readme 2019-12-20 07:06:50 -05:00
Patrick Schleizer
2cab38a8b3
readme 2019-12-16 06:24:14 -05:00
Patrick Schleizer
e64741c01e
readme 2019-12-08 05:25:19 -05:00
Patrick Schleizer
bc45ed385e
readme 2019-12-08 04:03:02 -05:00
Patrick Schleizer
6faa977cd7
readme 2019-12-07 02:02:06 -05:00
Patrick Schleizer
b22289f2a8
readme 2019-12-06 09:30:05 -05:00
Patrick Schleizer
ab696f5571
readme 2019-11-28 10:05:39 -05:00
Patrick Schleizer
57ce06c0eb
readme 2019-11-25 08:41:45 +00:00
Patrick Schleizer
6a6a638ef0
readme 2019-11-23 14:06:28 +00:00
Patrick Schleizer
7c0ec7e507
readme 2019-11-03 04:23:40 -05:00