Commit Graph

248 Commits

Author SHA1 Message Date
Patrick Schleizer
ff3412fbe0
fix, make sure to undo pam changes on package removal
Thanks to minimal for the bug report!

https://forums.whonix.org/t/is-security-misc-suitable-for-hardening-bridges-and-relays/8299/11
2019-11-27 10:22:31 -05:00
Patrick Schleizer
9091f69edd
bumped changelog version 2019-11-25 08:51:36 +00:00
Patrick Schleizer
aa5451c8cd
Lock user accounts after 50 rather than 100 failed login attempts.
https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698/19
2019-11-25 01:39:53 -05:00
Patrick Schleizer
6277db1383
bumped changelog version 2019-11-23 14:07:45 +00:00
Patrick Schleizer
fe1f1b73a7
load jitterentropy_rng kernel module for better entropy collection
https://www.whonix.org/wiki/Dev/Entropy

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927972

https://forums.whonix.org/t/jitterentropy-rngd/7204
2019-11-23 11:20:32 +00:00
Patrick Schleizer
e76e1475b0
comment 2019-11-22 12:24:35 -05:00
Patrick Schleizer
a99dfd067a
bumped changelog version 2019-11-19 15:31:55 +00:00
Patrick Schleizer
8ad8dbea5a
bumped changelog version 2019-11-18 19:16:16 +00:00
Patrick Schleizer
d1d61b106b
bumped changelog version 2019-11-09 18:44:50 +00:00
Patrick Schleizer
6b7df973f6
bumped changelog version 2019-11-09 12:57:45 +00:00
Patrick Schleizer
6e28774f95
bumped changelog version 2019-11-09 12:23:15 +00:00
Patrick Schleizer
b55c2fd62e
Enables punycode (network.IDN_show_punycode) by default in Thunderbird
to make phising attacks more difficult. Fixing URL not showing real Domain
Name (Homograph attack).

https://forums.whonix.org/t/enable-network-idn-show-punycode-by-default-in-thunderbird-to-fix-url-not-showing-real-domain-name-homograph-attack-punycode/8415
2019-11-03 02:50:51 -05:00
Patrick Schleizer
bf62306d4f
bumped changelog version 2019-10-31 16:34:35 +00:00
Patrick Schleizer
6e5d8b357d
bumped changelog version 2019-10-31 16:06:51 +00:00
Patrick Schleizer
203d5cfa68
copyright 2019-10-31 11:19:44 -04:00
madaidan
0699747fcb
Debian packaging 2019-10-28 14:24:37 +00:00
madaidan
fe4e29d392
Depend on dh-apparmor 2019-10-28 14:22:47 +00:00
Patrick Schleizer
d832ab91bd
bumped changelog version 2019-10-23 10:22:03 +00:00
Patrick Schleizer
9c8f678cb9
bumped changelog version 2019-10-21 09:55:41 +00:00
Patrick Schleizer
2d436f3602
bumped changelog version 2019-10-21 09:51:36 +00:00
Patrick Schleizer
40707e70db
Redirect calls for pkexec to lxqt-sudo because pkexec is incompatible with hidepid.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860040

https://forums.whonix.org/t/cannot-use-pkexec/8129

Thanks to AnonymousUser for the bug report!
2019-10-21 05:46:49 -04:00
Patrick Schleizer
31b771ac2e
bumped changelog version 2019-10-18 10:39:43 +00:00
Patrick Schleizer
957deac5cb
fix lintian warning
W: security-misc: maintainer-script-should-not-parse-etc-passwd-or-group preinst:19
2019-10-18 10:38:25 +00:00
Patrick Schleizer
d301e7f365
description, fix lintian warning 2019-10-18 10:36:44 +00:00
Patrick Schleizer
ce6b64a9ba
bumped changelog version 2019-10-18 08:55:07 +00:00
Patrick Schleizer
c9d75ef9ea
abort installation if no user is part of group sudo
https://forums.whonix.org/t/is-security-misc-suitable-for-hardening-bridges-and-relays/8299/4

Thanks to minimal for the bug report!
2019-10-17 06:46:47 -04:00
Patrick Schleizer
8a42c5b023
Merge pull request #34 from madaidan/whitelist
Add a whitelist for /sys and /proc/cpuinfo
2019-10-17 09:59:12 +00:00
madaidan
259b1f2c71
Update control 2019-10-16 19:21:24 +00:00
madaidan
af607d5eb2
Create sysfs and cpuinfo groups 2019-10-15 21:02:03 +00:00
Patrick Schleizer
4b1b3b7d66
bumped changelog version 2019-10-14 10:23:01 +00:00
Patrick Schleizer
8b4f2befd4
comment out sack by default
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/8?u=patrick
2019-10-05 13:15:34 +00:00
Patrick Schleizer
02096f8d7c
Revert "undo Disabling TCP SACK, DSACK, FACK"
This reverts commit 5fb4eb8e56.
2019-10-05 13:13:46 +00:00
Patrick Schleizer
62a0239207
bumped changelog version 2019-10-05 11:33:15 +00:00
Patrick Schleizer
5fb4eb8e56
undo Disabling TCP SACK, DSACK, FACK
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/5
2019-10-05 07:00:47 -04:00
Patrick Schleizer
213aef6eb9
bumped changelog version 2019-10-05 09:40:26 +00:00
madaidan
ec5fcf813b
Update control 2019-10-03 20:50:48 +00:00
Patrick Schleizer
ddc778b452
bumped changelog version 2019-09-16 13:34:11 +00:00
Patrick Schleizer
c2e444479c
bumped changelog version 2019-09-15 14:08:13 +00:00
Patrick Schleizer
619550da23
description 2019-09-15 14:00:24 +00:00
Patrick Schleizer
b95b66e429
description 2019-09-15 13:56:37 +00:00
Patrick Schleizer
ae804a15e7
description 2019-09-15 13:21:02 +00:00
Patrick Schleizer
3d187dab99
bumped changelog version 2019-09-12 12:50:42 +00:00
Patrick Schleizer
f13a73e569
undo SysRq restrictions
https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079
2019-09-10 12:35:42 -04:00
Patrick Schleizer
1f75a10650
bumped changelog version 2019-09-09 12:10:24 +00:00
Patrick Schleizer
9d875d7c31
bumped changelog version 2019-09-07 06:11:32 +00:00
Patrick Schleizer
8132052ce0
run update-grub from postinst so /etc/default/grub.d changes take effect 2019-09-07 05:44:23 +00:00
Patrick Schleizer
661bcd8603
allow loading unsigned modules due to issues
https://forums.whonix.org/t/allow-loading-signed-kernel-modules-by-default-disallow-kernel-module-loading-by-default/7880/23
2019-09-07 05:39:56 +00:00
Patrick Schleizer
9ee9309f54
bumped changelog version 2019-09-06 13:04:57 +00:00
Patrick Schleizer
ea0779e42a
rm_conffile /etc/sudoers.d/umask-security-misc 2019-09-06 13:00:20 +00:00
Patrick Schleizer
3a9939dccb
bumped changelog version 2019-09-06 11:47:40 +00:00