mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-22 16:33:35 +07:00
Code Issues Packages Projects Releases Wiki Activity

permission hardner: treat mount the same way we treat umount

Browse Source 
Thanks to @the-moog for the bug report!

fixes https://github.com/Kicksecure/security-misc/issues/284
This commit is contained in:
Patrick Schleizer 2024-12-06 09:48:58 -05:00
parent 93b51819d4
commit 5b88e92e5c
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etc/permission-hardener.d/25_default_whitelist_mount.conf
View File

@ -10,8 +10,12 @@
## SUID will be removed below in separate step.
/bin/mount exactwhitelist
/usr/bin/mount exactwhitelist
/bin/umount exactwhitelist
/usr/bin/umount exactwhitelist
## Remove SUID from 'mount' but keep executable.
## https://forums.whonix.org/t/disable-suid-binaries/7706/61
/bin/mount 755 root root
/usr/bin/mount 755 root root
/bin/umount 755 root root
/usr/bin/umount 755 root root