security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-05 21:10:33 +07:00

Author	SHA1	Message	Date
Patrick Schleizer	4b1b3b7d66	bumped changelog version	2019-10-14 10:23:01 +00:00
Patrick Schleizer	8b4f2befd4	comment out sack by default https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/8?u=patrick	2019-10-05 13:15:34 +00:00
Patrick Schleizer	02096f8d7c	Revert "undo Disabling TCP SACK, DSACK, FACK" This reverts commit `5fb4eb8e56`.	2019-10-05 13:13:46 +00:00
Patrick Schleizer	62a0239207	bumped changelog version	2019-10-05 11:33:15 +00:00
Patrick Schleizer	5fb4eb8e56	undo Disabling TCP SACK, DSACK, FACK https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/5	2019-10-05 07:00:47 -04:00
Patrick Schleizer	213aef6eb9	bumped changelog version	2019-10-05 09:40:26 +00:00
madaidan	ec5fcf813b	Update control	2019-10-03 20:50:48 +00:00
Patrick Schleizer	ddc778b452	bumped changelog version	2019-09-16 13:34:11 +00:00
Patrick Schleizer	c2e444479c	bumped changelog version	2019-09-15 14:08:13 +00:00
Patrick Schleizer	619550da23	description	2019-09-15 14:00:24 +00:00
Patrick Schleizer	b95b66e429	description	2019-09-15 13:56:37 +00:00
Patrick Schleizer	ae804a15e7	description	2019-09-15 13:21:02 +00:00
Patrick Schleizer	3d187dab99	bumped changelog version	2019-09-12 12:50:42 +00:00
Patrick Schleizer	f13a73e569	undo SysRq restrictions https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079	2019-09-10 12:35:42 -04:00
Patrick Schleizer	1f75a10650	bumped changelog version	2019-09-09 12:10:24 +00:00
Patrick Schleizer	9d875d7c31	bumped changelog version	2019-09-07 06:11:32 +00:00
Patrick Schleizer	8132052ce0	run update-grub from postinst so /etc/default/grub.d changes take effect	2019-09-07 05:44:23 +00:00
Patrick Schleizer	661bcd8603	allow loading unsigned modules due to issues https://forums.whonix.org/t/allow-loading-signed-kernel-modules-by-default-disallow-kernel-module-loading-by-default/7880/23	2019-09-07 05:39:56 +00:00
Patrick Schleizer	9ee9309f54	bumped changelog version	2019-09-06 13:04:57 +00:00
Patrick Schleizer	ea0779e42a	rm_conffile /etc/sudoers.d/umask-security-misc	2019-09-06 13:00:20 +00:00
Patrick Schleizer	3a9939dccb	bumped changelog version	2019-09-06 11:47:40 +00:00
Patrick Schleizer	5960c1682a	description	2019-09-06 11:46:22 +00:00
Patrick Schleizer	fccfacfdaf	description	2019-09-06 11:45:54 +00:00
Patrick Schleizer	610d3488e9	bumped changelog version	2019-09-06 09:33:06 +00:00
Patrick Schleizer	0e20e33d16	description	2019-09-05 02:31:57 -04:00
Patrick Schleizer	0b3dcef13d	description	2019-09-05 02:30:40 -04:00
Patrick Schleizer	f2e5883b4c	description	2019-09-05 02:29:48 -04:00
Patrick Schleizer	a4913ae092	description	2019-09-05 02:28:43 -04:00
Patrick Schleizer	a2aeb401a2	bumped changelog version	2019-08-31 13:44:37 +00:00
Patrick Schleizer	3a5bdddf5c	depend on adduser	2019-08-31 08:43:46 -04:00
Patrick Schleizer	8bbebf64cf	bumped changelog version	2019-08-24 16:41:27 +00:00
Patrick Schleizer	0ae5c5ff14	remove umask changes since these are causing issues are are not needed anymore thanks to home folder permission lockdown https://forums.whonix.org/t/change-default-umask/7416/45	2019-08-24 12:14:22 -04:00
Patrick Schleizer	41c4682280	bumped changelog version	2019-08-23 16:57:12 +00:00
Patrick Schleizer	a74b983283	remove LLC - IEEE 802.2 from blacklist since required by KVM https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107 https://forums.whonix.org/t/blacklist-uncommon-network-protocols/7391/22 https://github.com/Whonix/security-misc/pull/29	2019-08-19 12:46:59 +00:00
Patrick Schleizer	e15b560305	bumped changelog version	2019-08-17 10:54:08 +00:00
Patrick Schleizer	e535232728	description	2019-08-17 10:37:49 +00:00
Patrick Schleizer	7ffdd7c240	description	2019-08-17 10:37:42 +00:00
Patrick Schleizer	207399439f	description	2019-08-17 10:37:36 +00:00
Patrick Schleizer	d4fb485e70	description	2019-08-17 10:35:31 +00:00
Patrick Schleizer	e0e25364e2	bumped changelog version	2019-08-17 09:57:48 +00:00
Patrick Schleizer	ed90d8b025	change default umask to 027 as per: https://forums.whonix.org/t/change-default-umask/7416/47	2019-08-17 09:55:20 +00:00
Patrick Schleizer	b9127faac3	bumped changelog version	2019-08-16 16:05:51 +00:00
Patrick Schleizer	f9e3825e91	fix lintian warning	2019-08-16 16:05:09 +00:00
Patrick Schleizer	ec99720811	bumped changelog version	2019-08-16 15:59:14 +00:00
Patrick Schleizer	224f95799c	sudo default umask 006 https://forums.whonix.org/t/change-default-umask/7416/43	2019-08-16 11:15:25 -04:00
Patrick Schleizer	85502ad430	Merge branch 'master' into patch-21	2019-08-16 14:35:51 +00:00
Patrick Schleizer	34672b88a8	bumped changelog version	2019-08-15 15:18:02 +00:00
Patrick Schleizer	ff9bc1d7ea	informational output during PAM: * Show failed and remaining password attempts. * Document unlock procedure if Linux user account got locked. * Point out, that there is no password feedback for `su`. * Explain locked (root) account if locked. * /usr/share/pam-configs/tally2-security-misc * /usr/lib/security-misc/pam_tally2-info	2019-08-15 13:37:28 +00:00
Patrick Schleizer	ce4a30d3ce	bumped changelog version	2019-08-14 11:52:26 +00:00
Patrick Schleizer	a7c25a451c	remove unneeded dependency on libpam-cgfs	2019-08-14 11:50:53 +00:00
Patrick Schleizer	633854c6be	bumped changelog version	2019-08-14 11:13:25 +00:00
Patrick Schleizer	0feb54b28e	add Depends: apparmor-profile-anondist to fix apparmor issue sudo[19806]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied sudo[18961]: pam_exec(sudo:session): /usr/lib/security-misc/permission-lockdown failed: exit code 13 kernel: audit: type=1400 audit(1565780860.972:224): apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=19806 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0	2019-08-14 11:10:18 +00:00
Patrick Schleizer	5213cfbcdc	bumped changelog version	2019-08-14 10:08:18 +00:00
Patrick Schleizer	01b3a0bfae	description	2019-08-14 09:52:53 +00:00
Patrick Schleizer	dee195d89e	description	2019-08-14 09:40:41 +00:00
Patrick Schleizer	21489111d1	run permission lockdown during pam https://forums.whonix.org/t/change-default-umask/7416	2019-08-14 08:34:03 +00:00
Patrick Schleizer	42f2d5f666	description	2019-08-14 07:39:28 +00:00
Patrick Schleizer	f210294f40	description	2019-08-14 07:24:24 +00:00
Patrick Schleizer	f1d8cbc9fb	bumped changelog version	2019-08-14 07:02:09 +00:00
Patrick Schleizer	a82448d46a	description	2019-08-14 07:01:25 +00:00
Patrick Schleizer	6f8acf06d7	bumped changelog version	2019-08-11 12:07:07 +00:00
Patrick Schleizer	aacd9c7679	description	2019-08-11 10:34:38 +00:00
Patrick Schleizer	c0b5c70de4	description	2019-08-11 10:33:22 +00:00
Patrick Schleizer	75769151cd	bumped changelog version	2019-08-10 11:37:02 +00:00
Patrick Schleizer	a703865dcf	bumped changelog version	2019-08-01 12:02:41 +00:00
Patrick Schleizer	5d0aec1321	bumped changelog version	2019-07-31 19:12:27 +00:00
madaidan	4a6f87f3fa	Update control	2019-07-31 18:33:28 +00:00
Patrick Schleizer	864de10659	bumped changelog version	2019-07-31 15:17:51 +00:00
Patrick Schleizer	c09fb208d1	bumped changelog version	2019-07-31 07:44:50 +00:00
Patrick Schleizer	ac1220e14b	depend on sudo so group sudo exists during postinst	2019-07-31 07:32:59 +00:00
Patrick Schleizer	09f75fb1ff	description	2019-07-31 07:32:36 +00:00
Patrick Schleizer	2ad087dcd9	description	2019-07-31 07:30:40 +00:00
Patrick Schleizer	404f597c0a	description	2019-07-31 07:29:42 +00:00
Patrick Schleizer	c921872016	description	2019-07-31 07:27:13 +00:00
Patrick Schleizer	39e1b1c5f0	update file path	2019-07-31 07:26:25 +00:00
Patrick Schleizer	031a1c8751	bumped changelog version	2019-07-22 01:16:18 +00:00
Patrick Schleizer	8c538ba318	bumped changelog version	2019-07-17 21:38:26 +00:00
Patrick Schleizer	940054d53f	bumped changelog version	2019-07-17 21:08:23 +00:00
Patrick Schleizer	c0a4a10d6b	description	2019-07-17 21:05:11 +00:00
Patrick Schleizer	7352b2ac31	description	2019-07-17 21:03:54 +00:00
Patrick Schleizer	4bf2360b95	description	2019-07-17 21:02:27 +00:00
Patrick Schleizer	9f2e300e72	description	2019-07-17 20:48:33 +00:00
Patrick Schleizer	d044780c04	description	2019-07-17 20:42:14 +00:00
Patrick Schleizer	75e5714d18	description	2019-07-17 20:40:01 +00:00
Patrick Schleizer	8c2f983578	description	2019-07-17 20:39:42 +00:00
Patrick Schleizer	50036b2934	bumped changelog version	2019-07-17 19:13:57 +00:00
Patrick Schleizer	1b772c6a9a	bumped changelog version	2019-07-16 19:45:52 +00:00
Patrick Schleizer	2499ae0890	description	2019-07-16 07:28:50 -04:00
Patrick Schleizer	d0124b24d1	description	2019-07-16 07:27:56 -04:00
Patrick Schleizer	4b604bbb24	bumped changelog version	2019-07-15 13:26:47 +00:00
Patrick Schleizer	5c741d2149	shuffle	2019-07-15 13:02:30 +00:00
Patrick Schleizer	d247b7534b	sort description by categories	2019-07-15 13:01:46 +00:00
Patrick Schleizer	168ea5a660	shuffle	2019-07-15 08:48:17 -04:00
Patrick Schleizer	1731196c9f	bumped changelog version	2019-07-13 18:51:32 +00:00
Patrick Schleizer	7afddb028f	bumped changelog version	2019-07-13 16:30:39 +00:00
Patrick Schleizer	ea90f95f1c	cleanup	2019-07-13 16:26:40 +00:00
Patrick Schleizer	ea8b22ee78	shuffle	2019-07-13 16:26:14 +00:00
Patrick Schleizer	ca7e0e0161	description	2019-07-13 16:25:08 +00:00
Patrick Schleizer	ffb5a9c482	formatting	2019-07-13 16:23:39 +00:00
Patrick Schleizer	41675ddcff	removed: The amount of hashing rounds used by shadow is bumped to 65536. This increases the security of hashed passwords. Since we do not do that currently. https://forums.whonix.org/t/restrict-root-access/7658/37	2019-07-13 16:21:34 +00:00

1 2 3 4 5 ...

269 Commits