Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-25 16:46:22 -05:00
Code Issues Projects Releases Packages Wiki Activity
2936 commits 2 branches 291 tags 8.2 MiB
Commit graph

2936 commits

This branch
This branch
All branches
Author SHA1 Message Date
Aaron Rainbolt
fa32ba6c4f
Suppress usbguard startup unless a USB controller is visible to lspci 2025-11-07 17:09:34 -06:00
Patrick Schleizer
5b97e7bd27
bumped changelog version 2025-11-02 11:41:51 +00:00
Patrick Schleizer
58d5f738e6
Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie' 2025-11-02 06:08:46 -05:00
Patrick Schleizer
5121f80f28
comment 2025-11-02 06:00:24 -05:00
Patrick Schleizer
29685938bd
move usbguard reject rules to the top 2025-11-02 05:57:52 -05:00
Aaron Rainbolt
7beb19b64a
Update README.md with info about flatpak auth hardening 2025-11-01 22:06:44 -05:00
Patrick Schleizer
5a6730450a
bumped changelog version 2025-11-01 10:13:50 +00:00
Patrick Schleizer
7de05e88f5
fix 2025-11-01 06:13:37 -04:00
Patrick Schleizer
fe8b7fda3d
chmod +x 2025-11-01 06:08:20 -04:00
Patrick Schleizer
ad0053d937
bumped changelog version 2025-11-01 09:41:23 +00:00
Patrick Schleizer
94918eeefb
lintian 2025-11-01 05:24:31 -04:00
Patrick Schleizer
6cc5eebe22
bumped changelog version 2025-11-01 09:18:12 +00:00
Patrick Schleizer
81a279ee1f
genmkfile debinstfile 2025-11-01 05:10:05 -04:00
Patrick Schleizer
e24eee361d
remove unicode 2025-11-01 04:10:17 -04:00
Patrick Schleizer
53d3809891
Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie' 2025-11-01 04:02:46 -04:00
Patrick Schleizer
dcccad9266
no longer depend on sudo 2025-11-01 03:58:33 -04:00
Patrick Schleizer
cfaa953373
output 2025-11-01 03:42:33 -04:00
Aaron Rainbolt
8b766fc3ad
Lock down flatpak software management 2025-10-31 15:23:12 -05:00
Patrick Schleizer
948c96afe9
bumped changelog version 2025-10-31 14:38:30 +00:00
Patrick Schleizer
aae472d9cf
Revert "Move apparmor-info, apparmor-watch to security-misc, enable systemd-journald audit transport" 
This reverts commit d1e148eba7.
 2025-10-31 10:24:31 -04:00
Patrick Schleizer
3b2092ee76
Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie' 2025-10-31 10:19:08 -04:00
Aaron Rainbolt
d1e148eba7
Move apparmor-info, apparmor-watch to security-misc, enable systemd-journald audit transport 2025-10-30 23:05:19 -05:00
Patrick Schleizer
b168c37e84
bumped changelog version 2025-10-27 11:48:10 +00:00
Patrick Schleizer
c9d48ef7fd
readme 2025-10-27 07:07:25 -04:00
Patrick Schleizer
2dda826e02
bumped changelog version 2025-10-26 12:30:29 +00:00
Patrick Schleizer
cb70f19837
more robust, standardized kernel_cmdline variable detection 2025-10-26 08:06:26 -04:00
Patrick Schleizer
53db631964
bumped changelog version 2025-10-23 06:03:26 +00:00
Patrick Schleizer
f2b33b1ad5
update 2025-10-23 01:08:38 -04:00
Patrick Schleizer
1f093f8175
do not start usbguard-notifier if /sys/bus/usb does not exist 2025-10-22 00:37:36 -04:00
Patrick Schleizer
7969ffd4a5
bumped changelog version 2025-10-19 08:43:36 +00:00
Patrick Schleizer
f555c48c51
fix USBGuard-notifier accept / reject buttons 
https://forums.kicksecure.com/t/usbguard-what-should-we-allow-or-disallow-by-default/1248/49
 2025-10-19 04:42:24 -04:00
Patrick Schleizer
929421bd25
bumped changelog version 2025-10-18 09:19:07 +00:00
Patrick Schleizer
f5b7aab87e
update 2025-10-18 05:18:55 -04:00
Patrick Schleizer
806eec423a
Merge remote-tracking branch 'ArrayBolt3/arraybolt3/trixie' 2025-10-18 04:44:41 -04:00
Aaron Rainbolt
70fbbc230c
Set USBGuard settings to permit USB hubs and Qubes USB passthrough 2025-10-17 15:49:42 -05:00
Aaron Rainbolt
3d5e659b78
Remove trailing spaces 2025-10-15 19:02:48 -05:00
Aaron Rainbolt
29639fe69e
Merge remote-tracking branch 'raja/bad_ipv6_ra' into arraybolt3/trixie 2025-10-15 19:01:08 -05:00
Aaron Rainbolt
026d55ac41
Typo fixes 2025-10-15 18:30:52 -05:00
Aaron Rainbolt
35fce26476
Merge remote-tracking branch 'raja/stop_ptrace' into arraybolt3/trixie 2025-10-15 18:18:33 -05:00
Aaron Rainbolt
4f63af4200
Allow listing USB devices via usbguard 2025-10-15 17:53:26 -05:00
raja-grewal
2304174171
Insert empty new line 2025-10-12 02:32:45 +00:00
raja-grewal
7161430a60
Seperate ptrace() disabling into own file 2025-10-12 02:27:48 +00:00
Patrick Schleizer
6cc1c27fb3
bumped changelog version 2025-10-10 12:08:28 +00:00
Patrick Schleizer
4d9c3dc357
minor 2025-10-10 08:08:10 -04:00
Patrick Schleizer
968de33c65
Force immediate kernel panic on OOM. 
This is to avoid security features such as the screen locker, kloak, emerg-shutdown
from being arbitrarily terminated when the system starts running out of memory.

https://forums.whonix.org/t/screen-locker-in-security-can-we-disable-these-at-least-4-backdoors/8128/14

https://github.com/Kicksecure/security-misc/issues/324

`vm.panic_on_oom=2`

implements https://github.com/Kicksecure/security-misc/issues/324
 2025-10-10 08:03:03 -04:00
Patrick Schleizer
98f27c3b2e
comment 2025-10-10 06:53:04 -04:00
Patrick Schleizer
28a88c7091
comment 2025-10-10 06:52:13 -04:00
Patrick Schleizer
f4a87e7748
Merge remote-tracking branch 'github-kicksecure/master' 2025-10-10 06:51:31 -04:00
Patrick Schleizer
6cf8a623fe
Merge pull request #325 from raja-grewal/hash_pointers 
Docs detailing future improvements to `slab_debug`
 2025-10-10 06:50:46 -04:00
raja-grewal
e89c7ae025
Update docs on slab_debug for future improvements 2025-10-08 02:39:20 +00:00