Patrick Schleizer
af43472d0c
bumped changelog version
2024-11-14 22:24:50 +00:00
Patrick Schleizer
c7e9460b2a
output
2024-11-14 16:31:12 -05:00
Patrick Schleizer
31804e30ec
bumped changelog version
2024-11-14 20:46:26 +00:00
Patrick Schleizer
ef95b3f9a5
Revert "fix panic-on-oops.service"
This reverts commit 862d23cb10.
2024-11-14 14:41:14 -05:00
Patrick Schleizer
57e1edde23
bumped changelog version
2024-11-12 09:11:57 +00:00
Patrick Schleizer
7987a3914d
deleted no longer used and out-commented /etc/sudoers.d/xfce-security-misc leftover
2024-11-12 02:29:42 -05:00
Patrick Schleizer
8c2e8e6979
deleted no longer used and out-commented etc/sudoers.d/pkexec-security-misc leftover
2024-11-12 01:41:12 -05:00
Patrick Schleizer
65fc0419a8
bumped changelog version
2024-11-11 11:07:57 +00:00
Patrick Schleizer
50161f5d79
moved /etc/dkms/framework.conf.d/30_security-misc.conf (renamed) to usability-misc
2024-11-11 05:48:11 -05:00
Patrick Schleizer
7c06e22c7d
deleted /usr/bin/pkexec.security-misc
This was not used anymore for anything. In the past, we used to `config-package-dev` `replace` `/usr/bin/pkexec` with `/usr/bin/pkexec.security-misc` for the purpose of:
> Redirect calls for pkexec to lxqt-sudo because pkexec is incompatible with hidepid.
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860040
* https://forums.whonix.org/t/cannot-use-pkexec/8129
This was a worthwhile effort, interesting approach but ultimately a dead-end.
2024-11-11 05:43:25 -05:00
Patrick Schleizer
ef05b1a160
disable legacy matroxfb_base framebuffer driver
fix typo matroxfb_bases -> matroxfb_base
Thanks to @ArrayBolt3 for the bug report!
2024-11-11 05:40:41 -05:00
Patrick Schleizer
862d23cb10
fix panic-on-oops.service
remove `After=multi-user.target` because already using `WantedBy=multi-user.target`
Thanks to @ArrayBolt3 for the bug report!
2024-11-11 05:36:41 -05:00
Patrick Schleizer
29ae5f5980
fix optional opt-in harden-module-loading.service
by making `/usr/libexec/security-misc/disable-kernel-module-loading` executable
Thanks to @ArrayBolt3 for the bug report!
2024-11-11 05:28:31 -05:00
Patrick Schleizer
4c649577f0
bumped changelog version
2024-11-10 11:52:42 +00:00
Patrick Schleizer
29b1f1ec5f
Merge remote-tracking branch 'github-kicksecure/master'
2024-11-10 06:32:30 -05:00
Patrick Schleizer
5bd0a277bf
fix permission-hardener issue "Removing capabilities failed. File: '/bin/ping'"
no longer use end-of-options marker (`--`) for `setcap`
since setcap does not support it
Fixes https://github.com/QubesOS/qubes-issues/issues/9569
https://forums.whonix.org/t/permission-hardener-error/20719
2024-11-10 06:29:17 -05:00
Patrick Schleizer
238f32e81d
Merge pull request #280 from raja-grewal/ssbd
Enable `ssbd=force-on`
2024-11-08 07:39:40 -05:00
raja-grewal
8107782fa5
Enable ssbd=force-on
2024-11-08 15:36:04 +11:00
Patrick Schleizer
3af2684134
bumped changelog version
2024-10-30 09:43:05 +00:00
Patrick Schleizer
71c58442ca
minor
2024-10-28 05:10:19 -04:00
Patrick Schleizer
cfe19e31d8
shell options
2024-10-28 05:09:53 -04:00
Patrick Schleizer
0d50615658
local
2024-10-28 05:07:00 -04:00
Patrick Schleizer
ef0eb5f7a0
refactoring
2024-10-28 05:06:26 -04:00
Patrick Schleizer
fdd1f4b7f8
refactoring
2024-10-28 05:06:05 -04:00
Patrick Schleizer
d00235897d
hide-hardware-info: also parse /usr/local/etc/hide-hardware-info.d/*.conf
2024-10-28 05:03:59 -04:00
Patrick Schleizer
6c2e808b9f
refactoring
2024-10-28 05:03:20 -04:00
Patrick Schleizer
b44e507900
bumped changelog version
2024-10-23 09:56:05 +00:00
Patrick Schleizer
566cda5e4b
output
2024-10-21 05:47:38 -04:00
Patrick Schleizer
5991a23049
comment
2024-10-21 05:47:25 -04:00
Patrick Schleizer
fd34baff8f
Merge remote-tracking branch 'ArrayBolt3/master'
2024-10-21 05:43:53 -04:00
Aaron Rainbolt
690e8dd826
Avoid faillock lock/tally reset on reboot or timeout
2024-10-19 23:52:51 -05:00
Patrick Schleizer
b6433309fd
use end-of-options
2024-10-18 12:45:02 -04:00
Patrick Schleizer
0cfcdf4f89
bumped changelog version
2024-10-16 10:57:20 +00:00
Patrick Schleizer
0adb9b7c06
Merge remote-tracking branch 'github-kicksecure/master'
2024-10-16 06:31:09 -04:00
Patrick Schleizer
e50ad807c0
Merge pull request #276 from raja-grewal/KSPP_header
Clarify KSPP compliance header
2024-10-16 06:29:25 -04:00
raja-grewal
eb72163d57
README.md: Make line lengths consistent
2024-10-14 03:01:15 +00:00
raja-grewal
a9f238fe04
README.md: Split optional setting to new line
2024-10-14 02:57:31 +00:00
raja-grewal
09fe46adc9
Clarify KSPP compliance header for the undocumented case
2024-10-14 02:54:30 +00:00
Patrick Schleizer
263335f74e
bumped changelog version
2024-10-08 11:24:56 +00:00
Patrick Schleizer
9169611645
Merge remote-tracking branch 'github-kicksecure/master'
2024-10-08 05:54:50 -04:00
Patrick Schleizer
8227a3dde2
Merge pull request #273 from raja-grewal/text_2
Documentation update 2
2024-10-08 05:53:48 -04:00
raja-grewal
0c0774f6c0
Merge branch 'master' into text_2
2024-10-06 10:48:52 +00:00
raja-grewal
dc470cac1d
Remove deprecated link
2024-10-06 10:46:05 +00:00
Patrick Schleizer
8a2d432ffe
bumped changelog version
2024-10-03 07:22:23 +00:00
Patrick Schleizer
0e3ffa3f11
no longer set kernel.unprivileged_userns_clone=0
because it breaks too much
fixes https://github.com/Kicksecure/security-misc/issues/274
2024-10-03 02:58:58 -04:00
Patrick Schleizer
f401d94d5e
expand documentation on kernel.unprivileged_userns_clone=0 sysctl
https://github.com/Kicksecure/security-misc/issues/274
2024-10-03 02:44:06 -04:00
raja-grewal
ac1378743c
Consistent formatting
2024-09-30 16:56:18 +10:00
raja-grewal
eae38e72f3
README.md: Show the current max_map_count
2024-09-26 13:10:36 +00:00
raja-grewal
f3b50a23c9
Add reference on unprivileged_userns_restriction
2024-09-26 13:10:01 +00:00
raja-grewal
39d063d494
Add KSPP=no definition
2024-09-26 13:09:21 +00:00