mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-07-19 20:29:53 +07:00
Code Issues Packages Projects Releases Wiki Activity

run permission hardener when new packages are install files to /usr or /opt

Browse Source 
(basically anywhere)

fixes https://github.com/Kicksecure/security-misc/issues/189
This commit is contained in:
Patrick Schleizer
2024-01-17 13:23:20 -05:00
parent 66e6371221
commit 18a06935e0
2 changed files with 6 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
debian/security-misc.postinst vendored
View File

@ -33,17 +33,16 @@ permission_hardening_legacy_config_folder() {
}
permission_hardening() {
echo ""
echo "Running SUID Disabler and Permission Hardener... See also:"
echo "https://www.kicksecure.com/wiki/SUID_Disabler_and_Permission_Hardener"
echo ""
echo "$0: INFO: running: permission-hardener enable"
echo ""
if ! permission-hardener enable ; then
echo "$0: ERROR: Permission hardening failed." >&2
return 0
fi
echo "$0: INFO: Permission hardening success."
echo ""
echo "$0: INFO: Permission hardening success."
}
case "$1" in
@ -64,6 +63,7 @@ case "$1" in
echo "INFO: triggered $DPKG_MAINTSCRIPT_PACKAGE: '$DPKG_MAINTSCRIPT_PACKAGE' $DPKG_MAINTSCRIPT_PACKAGE DPKG_MAINTSCRIPT_NAME: '$DPKG_MAINTSCRIPT_NAME' $\@: '$@' 2: '$2'"
/usr/share/security-misc/lkrg/lkrg-virtualbox || true
/usr/libexec/security-misc/mmap-rnd-bits || true
permission_hardening
exit 0
;;