Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-10-01 08:25:45 -04:00
Code Issues Packages Projects Releases Wiki Activity
f0e2a82b55
security-misc/etc/permission-hardener.d/25_default_whitelist_qubes.conf
Ben Grande abf72c2ee4
Rename file permission hardening script 
Hardener as the script is the agent that is hardening the file
permissions.
2024-01-02 13:34:29 +01:00

19 lines
725 B
Plaintext
Raw Blame History

## Copyright (C) 2012 - 2023 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
## See the file COPYING for copying conditions.
## Please use "/etc/permission-hardener.d/20_user.conf" or
## "/usr/local/etc/permission-hardener.d/20_user.conf" for your custom
## configuration. When security-misc is updated, this file may be overwritten.
## TODO: research
## https://github.com/QubesOS/qubes-core-agent-linux/blob/master/qubes-rpc/qfile-unpacker.c
##
## Qubes upstream security issue:
## qfile-unpacker allows unprivileged users in VMs to gain root privileges
## https://github.com/QubesOS/qubes-issues/issues/8633
##
## match both:
#/usr/lib/qubes/qfile-unpacker whitelist
#/lib/qubes/qfile-unpacker
qfile-unpacker matchwhitelist
Reference in New Issue View Git Blame Copy Permalink