|
|
5e3338f8d3
|
bullseye
|
2021-08-03 05:48:25 -04:00 |
|
|
|
bb3e65f7a8
|
bullseye
|
2021-08-03 03:25:35 -04:00 |
|
|
|
c94281121e
|
comment
|
2021-08-01 16:37:02 -04:00 |
|
|
|
3599e8e2da
|
readme
|
2021-08-01 16:24:41 -04:00 |
|
|
|
82f3961a71
|
bumped changelog version
21.6-1
|
2021-08-01 13:12:08 -04:00 |
|
|
|
5a65c35479
|
port LKRG compatibility settings automation for VirtualBox hosts from systemd to dpkg trigger
|
2021-08-01 13:11:18 -04:00 |
|
|
|
f03c7978c7
|
bumped changelog version
21.5-1
|
2021-07-25 11:31:45 -04:00 |
|
|
|
b3e34f7f43
|
comment
|
2021-07-25 11:27:07 -04:00 |
|
|
|
7e128636b3
|
improve LKRG VirtualBox host configuration
as per https://github.com/openwall/lkrg/issues/82#issuecomment-886188999
|
2021-07-25 11:26:20 -04:00 |
|
|
|
3ebe9e7c53
|
bumped changelog version
21.4-1
|
2021-07-24 18:10:06 -04:00 |
|
|
|
257cef24ba
|
add LKRG compatibility settings automation for VirtualBox hosts
https://github.com/openwall/lkrg/issues/82
|
2021-07-24 18:03:40 -04:00 |
|
|
|
0f86ffef04
|
bumped changelog version
21.3-1
|
2021-06-23 11:20:39 -04:00 |
|
|
|
74e39cbf69
|
pam-abort-on-locked-password: more descriptive error handling
https://forums.whonix.org/t/restrict-root-access/7658/1
|
2021-06-20 11:18:56 -04:00 |
|
|
|
0f3dbfc4a1
|
bumped changelog version
21.2-1
|
2021-06-20 10:16:57 -04:00 |
|
|
|
eff5af0318
|
https://forums.whonix.org/t/restrict-root-access/7658/116
|
2021-06-20 10:16:33 -04:00 |
|
|
|
419f1d89c2
|
bumped changelog version
21.1-1
|
2021-06-07 12:13:37 -04:00 |
|
|
|
30d1ce36af
|
Merge remote-tracking branch 'github-whonix/master'
|
2021-06-07 12:11:58 -04:00 |
|
|
|
70a1eb25a5
|
Merge pull request #101 from madaidan/sudo
Restrict sudo's file permissions
|
2021-06-05 15:55:41 -04:00 |
|
|
|
97d8db3f74
|
Restrict sudo's file permissions
|
2021-06-05 19:16:42 +00:00 |
|
|
|
0305baf211
|
bumped changelog version
21.0-1
|
2021-06-01 07:36:59 -04:00 |
|
|
|
d87bee37f7
|
comment
|
2021-06-01 07:21:18 -04:00 |
|
|
|
809930c021
|
comment
|
2021-06-01 05:36:01 -04:00 |
|
|
|
5bd59991cb
|
bumped changelog version
20.9-1
|
2021-05-05 08:37:56 -04:00 |
|
|
|
6e759f9196
|
config-package-dev displace /etc/dkms/framework.conf
https://forums.whonix.org/t/enforce-kernel-module-software-signature-verification-module-signing-disallow-kernel-module-loading-by-default/7880/58
|
2021-04-29 11:17:30 -04:00 |
|
|
|
e2afd00627
|
modify DKMS configuration file /etc/dkms/framework.conf
Lower parallel compilation jobs to 1 if less than 2 GB RAM to avoid freezing of virtual machines.
`parallel_jobs=1`
This does not necessarily belong into security-misc, however likely
security-misc will need to modify `/etc/dkms/framework.conf` in the future to
enable kernel module signing.
https://forums.whonix.org/t/linux-kernel-runtime-guard-lkrg-linux-kernel-runtime-integrity-checking-and-exploit-detection/8477/26
https://forums.whonix.org/t/enforce-kernel-module-software-signature-verification-module-signing-disallow-kernel-module-loading-by-default/7880/58
|
2021-04-29 11:14:30 -04:00 |
|
|
|
3ba3b37187
|
add /etc/dkms/framework.conf.security-misc
original, from
- https://github.com/dell/dkms/blob/master/dkms_framework.conf
- https://raw.githubusercontent.com/dell/dkms/master/dkms_framework.conf
https://forums.whonix.org/t/enforce-kernel-module-software-signature-verification-module-signing-disallow-kernel-module-loading-by-default/7880/58
|
2021-04-29 11:08:30 -04:00 |
|
|
|
1d35bdf291
|
bumped changelog version
20.8-1
|
2021-04-05 11:58:47 -04:00 |
|
|
|
41734ec523
|
systemd RemainAfterExit=yes
for better usability
https://forums.whonix.org/t/restrict-hardware-information-to-root-testers-wanted/8618/33
|
2021-04-03 11:44:13 -04:00 |
|
|
|
e8ea94325b
|
bumped changelog version
20.7-1
|
2021-03-17 12:31:34 -04:00 |
|
|
|
a67007f4b7
|
copyright
|
2021-03-17 09:45:21 -04:00 |
|
|
|
0c4a7207e4
|
bumped changelog version
20.6-1
|
2021-03-04 07:09:01 -05:00 |
|
|
|
a1819e8cab
|
comment
|
2021-03-01 09:15:44 -05:00 |
|
|
|
3382192b89
|
Merge remote-tracking branch 'github/master'
|
2021-03-01 09:12:18 -05:00 |
|
|
|
2e8e3c07c4
|
Merge pull request #100 from 0xC0ncord/bugfix/selinuxfs_restrictions
hide-hardware-info: allow unrestricting selinuxfs
|
2021-03-01 14:11:28 +00:00 |
|
|
|
7f30d70295
|
bumped changelog version
20.5-1
|
2021-02-06 06:31:45 -05:00 |
|
|
|
83c0be5177
|
readme
|
2021-02-06 06:27:54 -05:00 |
|
|
|
4db7d6be64
|
hide-hardware-info: allow unrestricting selinuxfs
On SELinux systems, the /sys/fs/selinux directory must be visible to
userspace utilities in order to function properly.
|
2021-02-06 03:02:08 -05:00 |
|
|
|
3120ff3ec9
|
bumped changelog version
20.4-1
|
2021-01-29 23:37:03 -05:00 |
|
|
|
af3244741d
|
comment
|
2021-01-29 23:15:52 -05:00 |
|
|
|
d9aaf59105
|
bumped changelog version
20.3-1
|
2021-01-28 02:15:46 -05:00 |
|
|
|
b0b7f569ee
|
comment
|
2021-01-28 02:11:54 -05:00 |
|
|
|
f2595cc254
|
bumped changelog version
20.2-1
|
2021-01-27 05:50:16 -05:00 |
|
|
|
9622f28e25
|
skip counting failed login attempts from dovecot
Failed dovecot logins should not result in account getting locked.
revert "use pam_tally2 only for login"
|
2021-01-27 05:49:34 -05:00 |
|
|
|
480f74cab6
|
bumped changelog version
20.1-1
|
2021-01-24 05:10:36 -05:00 |
|
|
|
6757104aa4
|
use pam_tally2 only for login
to skip counting failed login attempts over ssh and mail login
|
2021-01-24 05:04:48 -05:00 |
|
|
|
126c31c37d
|
bumped changelog version
20.0-1
|
2021-01-19 19:41:43 -05:00 |
|
|
|
14d13fb03e
|
readme
|
2021-01-19 19:41:42 -05:00 |
|
|
|
611fbe2c61
|
description
|
2021-01-18 05:39:34 -05:00 |
|
|
|
0e8ea5eb72
|
bumped changelog version
19.9-1
|
2021-01-14 02:36:49 -05:00 |
|
|
|
ddd62c1eef
|
readme
|
2021-01-12 03:24:11 -05:00 |
|
