security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-07-11 00:10:00 +07:00

Author	SHA1	Message	Date
Patrick Schleizer	34bf245713	output	2019-12-23 01:35:45 -05:00
Patrick Schleizer	ba30e45d15	output	2019-12-23 01:32:42 -05:00
Patrick Schleizer	ee9c5742da	output	2019-12-23 01:29:48 -05:00
Patrick Schleizer	6d05359abc	output	2019-12-23 01:21:52 -05:00
Patrick Schleizer	a1e78e8515	fix needlessly re-adding entries	2019-12-23 01:20:56 -05:00
Patrick Schleizer	906b3d32e7	output	2019-12-23 01:09:57 -05:00
Patrick Schleizer	4f76867da6	lower debugging	2019-12-23 01:08:02 -05:00
Patrick Schleizer	dc6e5d8508	fix	2019-12-23 01:06:38 -05:00
Patrick Schleizer	87b999f92a	refactoring	2019-12-23 00:59:43 -05:00
Patrick Schleizer	065ff4bd05	sanity_tests	2019-12-23 00:59:24 -05:00
Patrick Schleizer	fef1469fe6	exit non-zero if capability removal failed	2019-12-23 00:51:14 -05:00
Patrick Schleizer	17a8c29470	fix capability removal error handling https://forums.whonix.org/t/disable-suid-binaries/7706/45	2019-12-23 00:47:49 -05:00
Patrick Schleizer	b631e2ecd8	refactoring	2019-12-23 00:36:41 -05:00
Patrick Schleizer	7aea304549	comment	2019-12-23 00:26:15 -05:00
Patrick Schleizer	f4b1df02ee	Remove suid / gid and execute permission for 'group' and 'others'. Similar to: chmod og-ugx /path/to/filename Removing execution permission is useful to make binaries such as 'su' fail closed rather than fail open if suid was removed from these. Do not remove read access since no security benefit and easier to manually undo for users. chmod 744	2019-12-22 19:42:40 -05:00
Patrick Schleizer	d300db3cde	output	2019-12-21 14:45:11 -05:00
Patrick Schleizer	3921846df6	comment	2019-12-21 14:36:42 -05:00
Patrick Schleizer	1e8457ea47	no longer remount /lib https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/25	2019-12-21 14:06:10 -05:00
Patrick Schleizer	10c19d6a8f	Merge remote-tracking branch 'origin/master'	2019-12-21 13:00:41 -05:00
madaidan	f5a52aeddc	Don't remount /sys/kernel/security	2019-12-21 14:55:28 +00:00
Patrick Schleizer	b2260f48f4	add support for /etc/exec / /usr/local/etc/exec to allow enabling exec on a per VM basis	2019-12-21 08:03:33 -05:00
Patrick Schleizer	b74e5ca972	comment	2019-12-21 07:47:00 -05:00
Patrick Schleizer	8fb17624bc	comment	2019-12-21 07:44:51 -05:00
Patrick Schleizer	aef796a524	disable debugging	2019-12-21 07:44:23 -05:00
Patrick Schleizer	1fe83d683f	comment	2019-12-21 07:43:55 -05:00
Patrick Schleizer	7c3da38bd5	comment	2019-12-21 07:42:25 -05:00
Patrick Schleizer	9050058bc2	fix	2019-12-21 07:42:01 -05:00
Patrick Schleizer	6b13a644df	add /usr/lib/security-misc/permission-hardening-undo	2019-12-21 07:37:41 -05:00
Patrick Schleizer	c336bc4fd2	comment	2019-12-21 06:39:13 -05:00
Patrick Schleizer	b5f88efe20	fix	2019-12-21 06:27:01 -05:00
Patrick Schleizer	2088628c8d	debugging	2019-12-21 06:24:08 -05:00
Patrick Schleizer	2dca031527	debugging	2019-12-21 06:22:46 -05:00
Patrick Schleizer	195e00cc87	output	2019-12-21 06:16:38 -05:00
Patrick Schleizer	4b21b6df41	fix	2019-12-21 06:11:44 -05:00
Patrick Schleizer	8436da2b7b	output	2019-12-21 05:58:50 -05:00
Patrick Schleizer	da15265e1c	fix	2019-12-21 05:55:23 -05:00
Patrick Schleizer	2a248fe0de	fix	2019-12-21 05:54:39 -05:00
Patrick Schleizer	4f12664362	output	2019-12-21 05:54:07 -05:00
Patrick Schleizer	e3355843c8	fix	2019-12-21 05:51:22 -05:00
Patrick Schleizer	234ec5fe93	fix	2019-12-21 05:47:35 -05:00
Patrick Schleizer	7ff900c204	fix	2019-12-21 05:37:43 -05:00
Patrick Schleizer	e1a5ee4bcf	output	2019-12-21 05:26:55 -05:00
Patrick Schleizer	66aaf3e22c	output	2019-12-21 05:25:54 -05:00
Patrick Schleizer	7aa7d0b5a0	improve error handling	2019-12-21 05:22:27 -05:00
Patrick Schleizer	8919d38de9	disable debugging	2019-12-21 05:21:46 -05:00
Patrick Schleizer	cf5dee64fd	refactoring	2019-12-21 05:18:34 -05:00
Patrick Schleizer	29cd9a0c38	fix	2019-12-21 05:17:35 -05:00
Patrick Schleizer	486027a4d7	fix	2019-12-21 05:15:38 -05:00
Patrick Schleizer	1fd26be864	fix	2019-12-21 05:14:51 -05:00
Patrick Schleizer	0fc97c37be	fix	2019-12-21 05:14:39 -05:00

1 2 3 4 5

250 Commits