Patrick Schleizer
|
c9d75ef9ea
|
abort installation if no user is part of group sudo
https://forums.whonix.org/t/is-security-misc-suitable-for-hardening-bridges-and-relays/8299/4
Thanks to minimal for the bug report!
|
2019-10-17 06:46:47 -04:00 |
|
Patrick Schleizer
|
a5045dc26e
|
set -e
|
2019-10-17 06:18:32 -04:00 |
|
Patrick Schleizer
|
0b8725306f
|
renamed: etc/hide-hardware-info.d/30_whitelist.conf -> etc/hide-hardware-info.d/30_default.conf
|
2019-10-17 06:13:44 -04:00 |
|
Patrick Schleizer
|
4aba027566
|
syntax check
|
2019-10-17 06:12:36 -04:00 |
|
Patrick Schleizer
|
8b9aa8841a
|
fix
|
2019-10-17 06:11:01 -04:00 |
|
Patrick Schleizer
|
cfbd77040a
|
set "shopt -s nullglob" to avoid failing when folder /etc/hide-hardware-info.d
does not exist or is empty
|
2019-10-17 06:10:29 -04:00 |
|
Patrick Schleizer
|
b05663c5f6
|
shuffle
https://forums.whonix.org/t/restrict-hardware-information-to-root/7329/80
|
2019-10-17 06:08:55 -04:00 |
|
Patrick Schleizer
|
28a440091d
|
code simplification
|
2019-10-17 06:08:16 -04:00 |
|
Patrick Schleizer
|
3c4e261c20
|
remove trailing spaces
|
2019-10-17 06:05:23 -04:00 |
|
Patrick Schleizer
|
c8e0303d6d
|
Merge remote-tracking branch 'origin/master'
|
2019-10-17 06:04:34 -04:00 |
|
Patrick Schleizer
|
8a42c5b023
|
Merge pull request #34 from madaidan/whitelist
Add a whitelist for /sys and /proc/cpuinfo
|
2019-10-17 09:59:12 +00:00 |
|
Patrick Schleizer
|
994ca024c2
|
Merge pull request #33 from madaidan/documentation
Improve documentation
|
2019-10-17 06:19:46 +00:00 |
|
madaidan
|
61f742304d
|
return 0
|
2019-10-16 19:46:59 +00:00 |
|
madaidan
|
259b1f2c71
|
Update control
|
2019-10-16 19:21:24 +00:00 |
|
madaidan
|
ffba0e0179
|
Elaborate
|
2019-10-16 19:04:15 +00:00 |
|
madaidan
|
4f5b7816ec
|
Elaborate
|
2019-10-16 19:01:49 +00:00 |
|
madaidan
|
99a762d3dc
|
KASLR is different from ASLR
|
2019-10-16 18:53:04 +00:00 |
|
madaidan
|
a14a2854c6
|
Elaborate
|
2019-10-16 18:52:14 +00:00 |
|
madaidan
|
f08c03ab21
|
Restrict sysfs/cpuinfo if the whitelist is disabled
|
2019-10-16 15:39:23 +00:00 |
|
madaidan
|
af607d5eb2
|
Create sysfs and cpuinfo groups
|
2019-10-15 21:02:03 +00:00 |
|
madaidan
|
42c1701d5c
|
Whitelist user@.service
|
2019-10-15 21:00:03 +00:00 |
|
madaidan
|
a47a2fca8b
|
Create 30_whitelist.conf
|
2019-10-15 20:58:58 +00:00 |
|
madaidan
|
6b78dbcd07
|
Add way to whitelist things
|
2019-10-15 20:57:02 +00:00 |
|
Patrick Schleizer
|
4b1b3b7d66
|
bumped changelog version
|
2019-10-14 10:23:01 +00:00 |
|
Patrick Schleizer
|
c19964360a
|
readme
|
2019-10-14 10:10:08 +00:00 |
|
Patrick Schleizer
|
c22738be02
|
comments
|
2019-10-07 08:25:45 +00:00 |
|
Patrick Schleizer
|
75f36bc2c9
|
comments
|
2019-10-07 08:25:07 +00:00 |
|
Patrick Schleizer
|
e92a8a6966
|
comments
|
2019-10-07 08:24:02 +00:00 |
|
Patrick Schleizer
|
60c044a9d6
|
copyright / comments
|
2019-10-07 05:30:56 +00:00 |
|
Patrick Schleizer
|
cd2135ff82
|
comments
|
2019-10-06 10:18:24 +00:00 |
|
Patrick Schleizer
|
8b4f2befd4
|
comment out sack by default
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/8?u=patrick
|
2019-10-05 13:15:34 +00:00 |
|
Patrick Schleizer
|
02096f8d7c
|
Revert "undo Disabling TCP SACK, DSACK, FACK"
This reverts commit 5fb4eb8e56 .
|
2019-10-05 13:13:46 +00:00 |
|
Patrick Schleizer
|
62a0239207
|
bumped changelog version
|
2019-10-05 11:33:15 +00:00 |
|
Patrick Schleizer
|
54b83ae44d
|
readme
|
2019-10-05 07:20:18 -04:00 |
|
Patrick Schleizer
|
5fb4eb8e56
|
undo Disabling TCP SACK, DSACK, FACK
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/5
|
2019-10-05 07:00:47 -04:00 |
|
Patrick Schleizer
|
c19942f72b
|
Merge remote-tracking branch 'origin/master'
|
2019-10-05 06:58:27 -04:00 |
|
Patrick Schleizer
|
a33851a3c9
|
Merge pull request #32 from madaidan/disable-dsack-fack
Disable TCP DSACK and FACK
|
2019-10-05 10:58:08 +00:00 |
|
Patrick Schleizer
|
213aef6eb9
|
bumped changelog version
|
2019-10-05 09:40:26 +00:00 |
|
Patrick Schleizer
|
aaebb32b66
|
readme
|
2019-10-05 09:39:05 +00:00 |
|
Patrick Schleizer
|
c87fc75f2a
|
fix, run remove-system-map.service during sysinit.target
|
2019-10-05 09:36:21 +00:00 |
|
Patrick Schleizer
|
25b6746784
|
fix systemd unit file proc-hidepid.service: WantedBy=sysinit.target
|
2019-10-05 09:14:54 +00:00 |
|
Patrick Schleizer
|
d2bc3a2a08
|
chmod +x usr/lib/security-misc/hide-hardware-info
|
2019-10-05 09:14:41 +00:00 |
|
Patrick Schleizer
|
ffe0d62c81
|
Merge remote-tracking branch 'origin/master'
|
2019-10-05 04:49:05 -04:00 |
|
Patrick Schleizer
|
7bcf73deaa
|
Merge pull request #31 from madaidan/hide-hardware-info
Restrict /proc/cpuinfo, /proc/bus, /proc/scsi and /sys to root
|
2019-10-05 08:46:21 +00:00 |
|
madaidan
|
d0c6bb1e90
|
Disable TCP DSACK and FACK
|
2019-10-04 17:35:54 +00:00 |
|
madaidan
|
7345287560
|
Use sysinit.target instead
|
2019-10-04 17:32:52 +00:00 |
|
madaidan
|
e06eeec678
|
Disable hide-hardware-info.service by default
|
2019-10-03 21:42:06 +00:00 |
|
madaidan
|
87917d2f03
|
Add licensing
|
2019-10-03 21:38:07 +00:00 |
|
madaidan
|
b06ab912c0
|
Add licensing
|
2019-10-03 21:37:29 +00:00 |
|
madaidan
|
ec5fcf813b
|
Update control
|
2019-10-03 20:50:48 +00:00 |
|