mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-09 06:36:44 +07:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #27 from madaidan/patch-21

Browse Source 
Blacklist bluetooth
This commit is contained in:
Patrick Schleizer 2019-08-16 14:36:00 +00:00 committed by GitHub
commit 9781598632
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
debian/control vendored
View File

@ -72,7 +72,10 @@ Description: enhances misc security settings
* The kernel now panics on oopses to prevent it from continuing running a * The kernel now panics on oopses to prevent it from continuing running a
flawed process. flawed process.
. .
Requires every module to be signed before being loaded. Any module that is * Bluetooth is blacklisted to reduce attack surface. Bluetooth also has
a history of [security concerns](https://en.wikipedia.org/wiki/Bluetooth#History_of_security_concerns).
.
* Requires every module to be signed before being loaded. Any module that is
unsigned or signed with an invalid key cannot be loaded. This makes it harder unsigned or signed with an invalid key cannot be loaded. This makes it harder
to load a malicious module. to load a malicious module.
/etc/default/grub.d/40_only_allow_signed_modules.cfg /etc/default/grub.d/40_only_allow_signed_modules.cfg

3
etc/modprobe.d/blacklist-bluetooth.conf Normal file
View File

@ -0,0 +1,3 @@
# Blacklists bluetooth.
install bluetooth /bin/true
install btusb /bin/true