Patrick Schleizer
|
ced02fb9e0
|
add sanity test for file_name output from stat
|
2024-07-24 11:01:24 -04:00 |
|
Patrick Schleizer
|
b9dfe70a01
|
check first if file_name is empty
|
2024-07-24 10:58:05 -04:00 |
|
Patrick Schleizer
|
1cbda79981
|
check first if array is empty before parsing further
|
2024-07-24 10:57:13 -04:00 |
|
Patrick Schleizer
|
a077ae54ea
|
modify call of stat to use NUL delimiter
for more robust string parsing
|
2024-07-24 10:56:08 -04:00 |
|
Raja Grewal
|
1135d34ab3
|
Reword description of cfi=kcfi kerenel parameter
|
2024-07-24 23:33:36 +10:00 |
|
Patrick Schleizer
|
7200e9bd8c
|
output
|
2024-07-24 09:15:02 -04:00 |
|
Patrick Schleizer
|
1b6161c2dc
|
Merge remote-tracking branch 'ben-grande/fuzz'
|
2024-07-24 09:13:48 -04:00 |
|
Raja Grewal
|
88c88187f2
|
Re-enable (default) secure_redirects for ICMP redirect messages
|
2024-07-24 17:26:50 +10:00 |
|
Ben Grande
|
8be21b6eff
|
Handle newlines in file names
|
2024-07-23 19:36:12 +02:00 |
|
Ben Grande
|
aa99de68d3
|
Log output with defined levels
|
2024-07-23 18:50:16 +02:00 |
|
Ben Grande
|
06fbcdac1d
|
Prettify log messages
|
2024-07-23 09:55:02 +02:00 |
|
Raja Grewal
|
fb494c2ba5
|
Update docs relating to the cfi=kcfi kernel parameter
|
2024-07-23 13:12:13 +10:00 |
|
Ben Grande
|
7ee1ea2cc7
|
Unify functions that evaluate commands
|
2024-07-22 17:06:07 +02:00 |
|
Ben Grande
|
9c3566f524
|
Delimit file names with null terminator
|
2024-07-22 16:56:42 +02:00 |
|
Raja Grewal
|
d6fc71dba7
|
Add option to switch (back) to using kCFI in the future
|
2024-07-22 17:26:00 +10:00 |
|
Patrick Schleizer
|
d2563ed923
|
bumped changelog version
|
2024-07-21 10:40:14 +00:00 |
|
Patrick Schleizer
|
64f8b2eb58
|
Revert "no longer disable Intel ME related kernel modules"
This reverts commit 6157e328f4 .
https://www.kicksecure.com/wiki/Out-of-band_Management_Technology#Intel_ME_Kernel_Modules
https://github.com/Kicksecure/security-misc/issues/239
|
2024-07-21 06:36:22 -04:00 |
|
Patrick Schleizer
|
04fb00572f
|
bumped changelog version
|
2024-07-20 17:02:05 +00:00 |
|
Patrick Schleizer
|
f0a478c7c9
|
permission hardener: allow postfix
postqueue matchwhitelist
postdrop matchwhitelist
|
2024-07-20 12:57:56 -04:00 |
|
Patrick Schleizer
|
9f53a0182b
|
undo io_uring related changes
as these should be done in a separate pull request (if apprpriate)
https://github.com/Kicksecure/security-misc/pull/244#issuecomment-2238889062
|
2024-07-19 07:20:59 -04:00 |
|
Patrick Schleizer
|
8791aecb38
|
Merge remote-tracking branch 'raja/fixes'
|
2024-07-19 07:19:09 -04:00 |
|
Raja Grewal
|
06894d1c98
|
Typo
|
2024-07-19 18:30:42 +10:00 |
|
Patrick Schleizer
|
2d11436432
|
bumped changelog version
|
2024-07-18 18:05:07 +00:00 |
|
Patrick Schleizer
|
cac5bbad99
|
comment
|
2024-07-18 14:04:00 -04:00 |
|
Patrick Schleizer
|
a5eed00eba
|
cleanup comments
|
2024-07-18 14:02:38 -04:00 |
|
Patrick Schleizer
|
21efacf1b1
|
cleanup duplicate comments which are already in /etc/dkms/framework.conf
|
2024-07-18 14:00:28 -04:00 |
|
Patrick Schleizer
|
61628c2baf
|
bumped changelog version
|
2024-07-18 14:11:35 +00:00 |
|
Patrick Schleizer
|
05cf438199
|
no comments / copyright allowed in .displace-extension
|
2024-07-18 10:11:03 -04:00 |
|
Patrick Schleizer
|
2ccc95f6d4
|
bumped changelog version
|
2024-07-18 14:05:23 +00:00 |
|
Raja Grewal
|
95286df502
|
Update README.md regarding secure ICMP redirects
|
2024-07-18 15:28:31 +10:00 |
|
Raja Grewal
|
13cc1f0986
|
Clarify (future) disabling of io_uring
|
2024-07-18 12:25:00 +10:00 |
|
Raja Grewal
|
9e6facda70
|
Update module disabling presentation
|
2024-07-18 12:21:37 +10:00 |
|
Raja Grewal
|
faa9181a6c
|
Typos
|
2024-07-18 12:19:27 +10:00 |
|
Raja Grewal
|
6d211faf59
|
Restrict unprivileged user namespaces
|
2024-07-18 11:04:54 +10:00 |
|
Raja Grewal
|
b04828f858
|
Disable the usage of ptrace() by all processes
|
2024-07-18 11:01:41 +10:00 |
|
Patrick Schleizer
|
d454f36c63
|
spelling
|
2024-07-17 11:52:29 -04:00 |
|
Patrick Schleizer
|
f4da582aa3
|
spelling
|
2024-07-17 11:44:17 -04:00 |
|
Patrick Schleizer
|
9e976474d5
|
spelling
|
2024-07-17 11:40:51 -04:00 |
|
Patrick Schleizer
|
b569fc02a4
|
spelling
|
2024-07-17 11:38:53 -04:00 |
|
Patrick Schleizer
|
a2e26f441b
|
spelling
|
2024-07-17 11:04:03 -04:00 |
|
Patrick Schleizer
|
c8be4ac83c
|
comment
|
2024-07-17 10:56:14 -04:00 |
|
Patrick Schleizer
|
24cd70a014
|
spelling
|
2024-07-17 10:55:12 -04:00 |
|
Patrick Schleizer
|
5cec685cf9
|
spelling
|
2024-07-17 10:49:21 -04:00 |
|
Patrick Schleizer
|
821a416fe3
|
spelling
|
2024-07-17 10:43:16 -04:00 |
|
Patrick Schleizer
|
9a387f95e9
|
Merge remote-tracking branch 'raja/miscellaneous'
|
2024-07-17 10:32:26 -04:00 |
|
Patrick Schleizer
|
fd41acdc72
|
Merge remote-tracking branch 'raja/fack_off'
|
2024-07-17 10:27:31 -04:00 |
|
Raja Grewal
|
4afe257a42
|
minor
|
2024-07-18 00:14:13 +10:00 |
|
Raja Grewal
|
d0a59617f6
|
Add missing Copyright (C) statements
|
2024-07-18 00:13:30 +10:00 |
|
Raja Grewal
|
8f3896c3da
|
Upgrade hyperlinks to HTTPS
|
2024-07-17 23:44:37 +10:00 |
|
Raja Grewal
|
1087387b36
|
Remove obsolete #net.ipv4.tcp_fack=0
|
2024-07-17 23:35:25 +10:00 |
|