security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-26 18:06:24 -05:00

Author	SHA1	Message	Date
Patrick Schleizer	5121f80f28	comment	2025-11-02 06:00:24 -05:00
Patrick Schleizer	29685938bd	move usbguard reject rules to the top	2025-11-02 05:57:52 -05:00
Patrick Schleizer	f555c48c51	fix USBGuard-notifier `accept` / `reject` buttons https://forums.kicksecure.com/t/usbguard-what-should-we-allow-or-disallow-by-default/1248/49	2025-10-19 04:42:24 -04:00
Aaron Rainbolt	70fbbc230c	Set USBGuard settings to permit USB hubs and Qubes USB passthrough	2025-10-17 15:49:42 -05:00
Aaron Rainbolt	4f63af4200	Allow listing USB devices via usbguard	2025-10-15 17:53:26 -05:00
Patrick Schleizer	28a88c7091	comment	2025-10-10 06:52:13 -04:00
raja-grewal	e89c7ae025	Update docs on `slab_debug` for future improvements	2025-10-08 02:39:20 +00:00
Aaron Rainbolt	7e016b5632	Allow users in the qubes group to access USBGuard IPC	2025-09-28 14:11:59 -05:00
Aaron Rainbolt	2a39d5997c	security-misc split string changes	2025-09-21 16:06:11 -05:00
Patrick Schleizer	068750543a	update link	2025-09-19 11:59:22 -04:00
Patrick Schleizer	f70550d015	Split the `security-misc` into `security-misc-shared`, `security-misc-desktop` and `security-misc-server`: rename files https://github.com/Kicksecure/security-misc/issues/187	2025-09-17 14:49:28 -04:00
Patrick Schleizer	24424bcbc0	Merge pull request #318 from raja-grewal/vmscape Enable `vmscape=force`	2025-09-17 13:31:27 -04:00
Patrick Schleizer	2d3b4ee124	Merge pull request #317 from raja-grewal/srso_docs Update SRSO docs	2025-09-17 13:27:13 -04:00
raja-grewal	21c605e27e	Enable `vmscape=force`	2025-09-13 03:41:59 +00:00
Aaron Rainbolt	90b6486ffe	Allow users in the sudo group to use usbguard-notifier	2025-09-12 18:08:00 -05:00
raja-grewal	7b32e9339e	Update SRSO docs	2025-09-12 23:10:34 +10:00
Aaron Rainbolt	2319bd9164	Allow USB devices that are connected at USBGuard start time	2025-08-28 17:34:41 -05:00
Aaron Rainbolt	85fd8ea52b	Enable USB video and audio devices, reject USB RNDIS devices	2025-08-28 16:42:16 -05:00
Aaron Rainbolt	b95598b6f7	Disable RNDIS due to unfixable security issues	2025-08-28 16:18:14 -05:00
Aaron Rainbolt	893faa9822	Remove initramfs-tools support	2025-08-23 22:53:13 -05:00
Aaron Rainbolt	53e930b4cc	Merge branch 'master' into arraybolt3/trixie	2025-08-21 20:09:48 -05:00
Aaron Rainbolt	df8a323d03	Fix XDG handling, replace Xfce with LXQt where appropriate, make USBGuard configuration work	2025-08-21 18:39:28 -05:00
Patrick Schleizer	8cdbbf8292	Merge pull request #313 from raja-grewal/panic_limits Upgrade `sysctl` settings and docs on kernel panics	2025-08-21 06:43:07 -04:00
Patrick Schleizer	2baf5cfc0b	Merge pull request #314 from raja-grewal/trixie_docs Update documentation	2025-08-21 06:42:28 -04:00
Patrick Schleizer	81d437fe3e	fix	2025-08-20 21:40:39 -04:00
raja-grewal	e48897cc44	Merge branch 'master' into panic_limits	2025-08-21 10:27:44 +10:00
Patrick Schleizer	c2d5bf38f5	comment	2025-08-20 10:44:10 -04:00
Patrick Schleizer	812f05f847	comments	2025-08-20 10:11:49 -04:00
raja-grewal	c0ad577793	Update docs on oops boot parameter	2025-08-19 11:01:06 +10:00
raja-grewal	45fcd163d1	Add reference on conntrack helpers	2025-08-18 20:23:50 +10:00
Aaron Rainbolt	37c0bc0c5d	Merge remote-tracking branch 'raja/block_32bit' into arraybolt3/trixie	2025-08-17 14:02:01 -05:00
Aaron Rainbolt	210aa97650	Merge remote-tracking branch 'raja/trixie_docs' into arraybolt3/trixie	2025-08-17 13:50:25 -05:00
raja-grewal	f175d1961e	Enable `ia32_emulation=0`	2025-08-17 07:08:08 +00:00
raja-grewal	e06b78a522	Temporarily revert IA32 doc updates	2025-08-17 07:05:32 +00:00
Aaron Rainbolt	7a8dfa528c	Merge remote-tracking branch 'raja/trixie_docs' into arraybolt3/trixie	2025-08-16 21:10:19 -05:00
raja-grewal	1f75426f07	Clarify docs for disabling 32-bit x86 support	2025-08-16 02:20:00 +00:00
Aaron Rainbolt	cba16879ef	Polish USBGuard configuration	2025-08-15 17:16:42 -05:00
Aaron Rainbolt	b4086b8e77	Merge remote-tracking branch 'monsieuremre/patch-3' into arraybolt3/trixie	2025-08-15 16:57:34 -05:00
Aaron Rainbolt	66ec5bda58	Remove obsolete Thunderbird configuration hardening	2025-08-15 16:51:07 -05:00
Aaron Rainbolt	94668b2e93	Set hard and soft limits on core file size at the same time	2025-08-15 16:47:41 -05:00
Aaron Rainbolt	e2c65a2a6f	Merge remote-tracking branch 'nrz/master' into arraybolt3/trixie	2025-08-15 16:45:18 -05:00
Aaron Rainbolt	65afc31ba7	Merge branch 'kcfi' into arraybolt3/trixie	2025-08-15 16:31:50 -05:00
Aaron Rainbolt	a2a9e8440b	Merge branch 'trixie_docs' into arraybolt3/trixie	2025-08-15 16:06:35 -05:00
Aaron Rainbolt	2ada07cf66	Add SSH hardening config	2025-08-07 22:23:03 -05:00
Aaron Rainbolt	2a3bc39eba	Use Ctrl+Alt+End as the default panic key rather than Ctrl+Alt+Delete	2025-08-06 19:10:37 -05:00
raja-grewal	4166d6d1e6	Update docs on recovery restrictions	2025-08-06 15:53:49 +10:00
raja-grewal	498551536c	Update docs	2025-08-06 03:12:06 +00:00
raja-grewal	1f7525722e	Enable `cfi=kcfi`	2025-08-06 01:48:47 +00:00
Aaron Rainbolt	63f2909341	Fix emerg-shutdown and ensure-shutdown libexec scripts, start emerg-shutdown and ensure-shutdown earlier	2025-08-03 15:00:14 -05:00
Patrick Schleizer	4da810c8fa	comment	2025-08-03 07:16:00 -04:00

1 2 3 4 5 ...

634 commits