Raja Grewal
|
41a3bf92fb
|
Sort 30_security-misc_disable.conf
|
2024-07-12 16:21:41 +10:00 |
|
Raja Grewal
|
b02230a783
|
Split modprobe into blacklisted and disabled configurations
|
2024-07-12 02:42:37 +10:00 |
|
Raja Grewal
|
fc792ff232
|
Alphabetically sort existing modprobe
|
2024-07-12 02:29:36 +10:00 |
|
Raja Grewal
|
fe20f3240e
|
Refactor existing modprobe for clarity
|
2024-07-12 02:28:48 +10:00 |
|
Raja Grewal
|
275a4ffc11
|
Remove redundant disabled modules
|
2024-07-12 02:27:56 +10:00 |
|
Raja Grewal
|
1bb843ec38
|
Update Copyright (C) to 2024
|
2024-05-11 13:18:36 +10:00 |
|
Patrick Schleizer
|
0f1119f326
|
Merge pull request #221 from raja-grewal/firewire
Disable Firewire Module
|
2024-05-10 06:45:57 -04:00 |
|
raja-grewal
|
677f75ae8e
|
Disable firewire-net module
|
2024-05-09 02:34:02 +00:00 |
|
raja-grewal
|
06f13bb766
|
Disable GPS modules like GNSS
|
2024-05-09 02:28:53 +00:00 |
|
Patrick Schleizer
|
7dba3fb7be
|
no longer disable MSR by default
fixes https://github.com/Kicksecure/security-misc/issues/215
|
2024-04-01 02:56:27 -04:00 |
|
Patrick Schleizer
|
0efee2f50f
|
usrmerge
fixes https://github.com/Kicksecure/security-misc/issues/190
|
2024-01-17 13:39:56 -05:00 |
|
monsieuremre
|
13b4ddbb62
|
30_security-misc.conf
|
2023-10-27 14:34:21 +00:00 |
|
Raja Grewal
|
7a4212dd76
|
Update copyright
|
2023-03-30 17:08:47 +11:00 |
|
Raja Grewal
|
d67845fea8
|
Typo
|
2022-12-13 16:11:24 +11:00 |
|
Raja Grewal
|
6f695902fb
|
Add comment about legacy Apple fiesystems
|
2022-11-23 23:53:40 +11:00 |
|
Raja Grewal
|
daa30d4e78
|
Include several framebuffer drivers into blacklist
These were previously commented out to test for compatibility issues.
|
2022-11-09 20:43:59 +11:00 |
|
Raja Grewal
|
a72bbb1883
|
Corrected kerenl module disabling
|
2022-07-13 23:42:13 +10:00 |
|
Raja Grewal
|
48089e5ba4
|
More verbose kernel module blocking error logs
|
2022-07-12 17:02:12 +10:00 |
|
Raja Grewal
|
40ec791774
|
Updated comments
|
2022-07-12 16:58:16 +10:00 |
|
Raja Grewal
|
ef1ef9917d
|
Blacklist automatic loading of CD-ROM modules
|
2022-07-10 04:53:25 +10:00 |
|
Raja Grewal
|
61ef9bd59f
|
Incorporated Ubuntu’s kernel module blacklists
|
2022-07-10 04:52:00 +10:00 |
|
Patrick Schleizer
|
26b2c9727f
|
not blacklist CD-ROM / DVD yet
https://forums.whonix.org/t/blacklist-more-kernel-modules-to-reduce-attack-surface/7989/31
|
2022-07-07 15:39:40 -04:00 |
|
Patrick Schleizer
|
ca19d78d48
|
shuffle
|
2022-07-07 15:27:15 -04:00 |
|
Raja Grewal
|
780dc8eec9
|
replace /bin/false -> /bin/disabled-by-security-misc
|
2022-07-08 04:11:25 +10:00 |
|
Raja Grewal
|
fa2e30f512
|
Updated descriptions of disabled modules
|
2022-07-08 03:04:37 +10:00 |
|
Raja Grewal
|
da389d6682
|
Revert "replace /bin/false -> /bin/true"
This reverts commit f0511635a9 .
|
2022-07-08 02:12:04 +10:00 |
|
raja-grewal
|
f0511635a9
|
replace /bin/false -> /bin/true
|
2022-07-07 09:27:53 +00:00 |
|
raja-grewal
|
18d67dbc53
|
Blacklist more modules
|
2022-07-07 09:26:55 +00:00 |
|
Patrick Schleizer
|
2d37e3a1af
|
copyright
|
2022-05-20 14:46:38 -04:00 |
|
Patrick Schleizer
|
a67007f4b7
|
copyright
|
2021-03-17 09:45:21 -04:00 |
|
Patrick Schleizer
|
da1ac48cde
|
unblacklist squashfs as this would likely break Whonix-Host ISO
https://github.com/Whonix/security-misc/pull/75#issuecomment-700044182
|
2020-09-28 10:29:50 -04:00 |
|
Patrick Schleizer
|
4070133ed6
|
unblacklist vfat
https://github.com/Whonix/security-misc/pull/75#issuecomment-695201068
|
2020-09-28 10:25:57 -04:00 |
|
flawedworld
|
a813e7da07
|
Blacklist more modules
|
2020-09-19 20:46:19 +01:00 |
|
Patrick Schleizer
|
2ceea8d1fe
|
update copyright year
|
2020-04-01 08:49:59 -04:00 |
|
Patrick Schleizer
|
e0aa67677d
|
merge the many modprobe.d config files into 1
and use a name starting with double digits
to make it easier to disable settings using a lexically higher config file
|
2020-01-24 04:30:36 -05:00 |
|
madaidan
|
a662a76a52
|
Blacklist vivid
|
2020-01-11 18:37:00 +00:00 |
|
madaidan
|
dd93b11321
|
Blacklist CPU MSRs
|
2019-12-22 13:52:43 +00:00 |
|
madaidan
|
a14a2854c6
|
Elaborate
|
2019-10-16 18:52:14 +00:00 |
|
Patrick Schleizer
|
7affddb3bb
|
blacklist modules with /bin/false rather than /bin/true to fail with error
message rather than failing without notification
|
2019-09-07 05:47:34 +00:00 |
|
onions-knight
|
a8b6281119
|
Update uncommon-network-protocols.conf
Removing llc from blacklisted network protocols as it is needed by KVM for networking.
See https://hub.packtpub.com/kvm-networking-libvirt/ and https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107
|
2019-08-19 11:30:57 +00:00 |
|
madaidan
|
5a4ea39566
|
Create blacklist-bluetooth.conf
|
2019-07-31 18:30:57 +00:00 |
|
madaidan
|
b63d4ccb41
|
Update uncommon-network-protocols.conf
|
2019-07-11 15:28:56 +00:00 |
|
madaidan
|
4058e283a5
|
Blacklist more uncommon network protocols
|
2019-07-10 14:27:19 +00:00 |
|
madaidan
|
d70440aaed
|
Remove duplicate
|
2019-07-09 21:57:37 +00:00 |
|
madaidan
|
2d27bdd808
|
Blacklist more uncommon network protocols
|
2019-07-09 21:55:37 +00:00 |
|
madaidan
|
46409be8b6
|
Use install instead of blacklist
|
2019-07-04 14:25:28 +00:00 |
|
madaidan
|
eb7eaffba1
|
Blacklist n-hdlc
|
2019-07-04 14:24:44 +00:00 |
|
madaidan
|
07c6362f1a
|
Blacklist thunderbolt and firewire
|
2019-06-23 18:34:45 +00:00 |
|
madaidan
|
7177c6041a
|
Create uncommon-network-protocols.conf
|
2019-05-16 20:30:49 +00:00 |
|
Patrick Schleizer
|
6cda8b1496
|
disable conntrack helper for better security
https://phabricator.whonix.org/T486
|
2016-10-10 16:10:30 +00:00 |
|