security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00

Author	SHA1	Message	Date
Patrick Schleizer	3a5bdddf5c	depend on adduser	2019-08-31 08:43:46 -04:00
Patrick Schleizer	0ae5c5ff14	remove umask changes since these are causing issues are are not needed anymore thanks to home folder permission lockdown https://forums.whonix.org/t/change-default-umask/7416/45	2019-08-24 12:14:22 -04:00
Patrick Schleizer	a74b983283	remove LLC - IEEE 802.2 from blacklist since required by KVM https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107 https://forums.whonix.org/t/blacklist-uncommon-network-protocols/7391/22 https://github.com/Whonix/security-misc/pull/29	2019-08-19 12:46:59 +00:00
Patrick Schleizer	e535232728	description	2019-08-17 10:37:49 +00:00
Patrick Schleizer	7ffdd7c240	description	2019-08-17 10:37:42 +00:00
Patrick Schleizer	207399439f	description	2019-08-17 10:37:36 +00:00
Patrick Schleizer	d4fb485e70	description	2019-08-17 10:35:31 +00:00
Patrick Schleizer	ed90d8b025	change default umask to 027 as per: https://forums.whonix.org/t/change-default-umask/7416/47	2019-08-17 09:55:20 +00:00
Patrick Schleizer	f9e3825e91	fix lintian warning	2019-08-16 16:05:09 +00:00
Patrick Schleizer	224f95799c	sudo default umask 006 https://forums.whonix.org/t/change-default-umask/7416/43	2019-08-16 11:15:25 -04:00
Patrick Schleizer	85502ad430	Merge branch 'master' into patch-21	2019-08-16 14:35:51 +00:00
Patrick Schleizer	ff9bc1d7ea	informational output during PAM: * Show failed and remaining password attempts. * Document unlock procedure if Linux user account got locked. * Point out, that there is no password feedback for `su`. * Explain locked (root) account if locked. * /usr/share/pam-configs/tally2-security-misc * /usr/lib/security-misc/pam_tally2-info	2019-08-15 13:37:28 +00:00
Patrick Schleizer	a7c25a451c	remove unneeded dependency on libpam-cgfs	2019-08-14 11:50:53 +00:00
Patrick Schleizer	0feb54b28e	add Depends: apparmor-profile-anondist to fix apparmor issue sudo[19806]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied sudo[18961]: pam_exec(sudo:session): /usr/lib/security-misc/permission-lockdown failed: exit code 13 kernel: audit: type=1400 audit(1565780860.972:224): apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=19806 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0	2019-08-14 11:10:18 +00:00
Patrick Schleizer	01b3a0bfae	description	2019-08-14 09:52:53 +00:00
Patrick Schleizer	dee195d89e	description	2019-08-14 09:40:41 +00:00
Patrick Schleizer	42f2d5f666	description	2019-08-14 07:39:28 +00:00
Patrick Schleizer	f210294f40	description	2019-08-14 07:24:24 +00:00
Patrick Schleizer	a82448d46a	description	2019-08-14 07:01:25 +00:00
Patrick Schleizer	aacd9c7679	description	2019-08-11 10:34:38 +00:00
Patrick Schleizer	c0b5c70de4	description	2019-08-11 10:33:22 +00:00
madaidan	4a6f87f3fa	Update control	2019-07-31 18:33:28 +00:00
Patrick Schleizer	ac1220e14b	depend on sudo so group sudo exists during postinst	2019-07-31 07:32:59 +00:00
Patrick Schleizer	09f75fb1ff	description	2019-07-31 07:32:36 +00:00
Patrick Schleizer	2ad087dcd9	description	2019-07-31 07:30:40 +00:00
Patrick Schleizer	404f597c0a	description	2019-07-31 07:29:42 +00:00
Patrick Schleizer	c921872016	description	2019-07-31 07:27:13 +00:00
Patrick Schleizer	39e1b1c5f0	update file path	2019-07-31 07:26:25 +00:00
Patrick Schleizer	c0a4a10d6b	description	2019-07-17 21:05:11 +00:00
Patrick Schleizer	7352b2ac31	description	2019-07-17 21:03:54 +00:00
Patrick Schleizer	4bf2360b95	description	2019-07-17 21:02:27 +00:00
Patrick Schleizer	9f2e300e72	description	2019-07-17 20:48:33 +00:00
Patrick Schleizer	d044780c04	description	2019-07-17 20:42:14 +00:00
Patrick Schleizer	75e5714d18	description	2019-07-17 20:40:01 +00:00
Patrick Schleizer	8c2f983578	description	2019-07-17 20:39:42 +00:00
Patrick Schleizer	2499ae0890	description	2019-07-16 07:28:50 -04:00
Patrick Schleizer	d0124b24d1	description	2019-07-16 07:27:56 -04:00
Patrick Schleizer	5c741d2149	shuffle	2019-07-15 13:02:30 +00:00
Patrick Schleizer	d247b7534b	sort description by categories	2019-07-15 13:01:46 +00:00
Patrick Schleizer	168ea5a660	shuffle	2019-07-15 08:48:17 -04:00
Patrick Schleizer	ea90f95f1c	cleanup	2019-07-13 16:26:40 +00:00
Patrick Schleizer	ea8b22ee78	shuffle	2019-07-13 16:26:14 +00:00
Patrick Schleizer	ca7e0e0161	description	2019-07-13 16:25:08 +00:00
Patrick Schleizer	ffb5a9c482	formatting	2019-07-13 16:23:39 +00:00
Patrick Schleizer	41675ddcff	removed: The amount of hashing rounds used by shadow is bumped to 65536. This increases the security of hashed passwords. Since we do not do that currently. https://forums.whonix.org/t/restrict-root-access/7658/37	2019-07-13 16:21:34 +00:00
Patrick Schleizer	3f031a297d	Removes read, write and execute access for others for all users who have home folders under folder /home by running for example "chmod o-rwx /home/user" during package installation or upgrade. This will be done only once per folder in folder /home so users who wish to relax file permissions are free to do so. This is to protect previously created files in user home folder which were previously created with lax file permissions prior installation of this package.	2019-07-13 16:20:14 +00:00
Patrick Schleizer	aee6b34635	fix lintian warning	2019-07-11 18:26:17 +00:00
madaidan	1aee08fa5e	Update control	2019-07-11 15:30:09 +00:00
madaidan	853c2eb377	Update control	2019-07-11 15:26:14 +00:00
Patrick Schleizer	0057c0dd8c	fix lintian warning	2019-07-11 07:07:01 +00:00

1 2

90 Commits