af9e19c51f
Update control
2019-12-05 20:14:55 +00:00
0c25a96b59
description / comments
2019-12-03 02:18:32 -05:00
8d63da3cef
Update control
2019-12-02 16:46:12 +00:00
25aed91eb1
description
2019-11-28 09:20:46 -05:00
0c4e5df3e0
description
2019-11-28 09:18:05 -05:00
5ac2a6f9ac
description
2019-11-28 09:17:32 -05:00
aa5451c8cd
Lock user accounts after 50 rather than 100 failed login attempts.
...
https://forums.whonix.org/t/how-strong-do-linux-user-account-passwords-have-to-be-when-using-full-disk-encryption-fde-too/7698/19
2019-11-25 01:39:53 -05:00
fe1f1b73a7
load jitterentropy_rng kernel module for better entropy collection
...
https://www.whonix.org/wiki/Dev/Entropy
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927972
https://forums.whonix.org/t/jitterentropy-rngd/7204
2019-11-23 11:20:32 +00:00
b55c2fd62e
Enables punycode (network.IDN_show_punycode) by default in Thunderbird
...
to make phising attacks more difficult. Fixing URL not showing real Domain
Name (Homograph attack).
https://forums.whonix.org/t/enable-network-idn-show-punycode-by-default-in-thunderbird-to-fix-url-not-showing-real-domain-name-homograph-attack-punycode/8415
2019-11-03 02:50:51 -05:00
203d5cfa68
copyright
2019-10-31 11:19:44 -04:00
fe4e29d392
Depend on dh-apparmor
2019-10-28 14:22:47 +00:00
40707e70db
Redirect calls for pkexec to lxqt-sudo because pkexec is incompatible with hidepid.
...
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860040
https://forums.whonix.org/t/cannot-use-pkexec/8129
Thanks to AnonymousUser for the bug report!
2019-10-21 05:46:49 -04:00
d301e7f365
description, fix lintian warning
2019-10-18 10:36:44 +00:00
259b1f2c71
Update control
2019-10-16 19:21:24 +00:00
8b4f2befd4
comment out sack by default
...
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/8?u=patrick
2019-10-05 13:15:34 +00:00
02096f8d7c
Revert "undo Disabling TCP SACK, DSACK, FACK"
...
This reverts commit 5fb4eb8e56
2019-10-05 13:13:46 +00:00
5fb4eb8e56
undo Disabling TCP SACK, DSACK, FACK
...
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/5
2019-10-05 07:00:47 -04:00
ec5fcf813b
Update control
2019-10-03 20:50:48 +00:00
619550da23
description
2019-09-15 14:00:24 +00:00
b95b66e429
description
2019-09-15 13:56:37 +00:00
ae804a15e7
description
2019-09-15 13:21:02 +00:00
f13a73e569
undo SysRq restrictions
...
https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079
2019-09-10 12:35:42 -04:00
661bcd8603
allow loading unsigned modules due to issues
...
https://forums.whonix.org/t/allow-loading-signed-kernel-modules-by-default-disallow-kernel-module-loading-by-default/7880/23
2019-09-07 05:39:56 +00:00
5960c1682a
description
2019-09-06 11:46:22 +00:00
fccfacfdaf
description
2019-09-06 11:45:54 +00:00
0e20e33d16
description
2019-09-05 02:31:57 -04:00
0b3dcef13d
description
2019-09-05 02:30:40 -04:00
f2e5883b4c
description
2019-09-05 02:29:48 -04:00
a4913ae092
description
2019-09-05 02:28:43 -04:00
3a5bdddf5c
depend on adduser
2019-08-31 08:43:46 -04:00
0ae5c5ff14
remove umask changes since these are causing issues are are not needed anymore
...
thanks to home folder permission lockdown
https://forums.whonix.org/t/change-default-umask/7416/45
2019-08-24 12:14:22 -04:00
a74b983283
remove LLC - IEEE 802.2 from blacklist
...
since required by KVM
https://forums.whonix.org/t/whonix-desktop-installer-with-calamares-field-report/7350/107
https://forums.whonix.org/t/blacklist-uncommon-network-protocols/7391/22
https://github.com/Whonix/security-misc/pull/29
2019-08-19 12:46:59 +00:00
e535232728
description
2019-08-17 10:37:49 +00:00
7ffdd7c240
description
2019-08-17 10:37:42 +00:00
207399439f
description
2019-08-17 10:37:36 +00:00
d4fb485e70
description
2019-08-17 10:35:31 +00:00
ed90d8b025
change default umask to 027
...
as per:
https://forums.whonix.org/t/change-default-umask/7416/47
2019-08-17 09:55:20 +00:00
f9e3825e91
fix lintian warning
2019-08-16 16:05:09 +00:00
224f95799c
sudo default umask 006
...
https://forums.whonix.org/t/change-default-umask/7416/43
2019-08-16 11:15:25 -04:00
85502ad430
Merge branch 'master' into patch-21
2019-08-16 14:35:51 +00:00
ff9bc1d7ea
informational output during PAM:
...
* Show failed and remaining password attempts.
* Document unlock procedure if Linux user account got locked.
* Point out, that there is no password feedback for `su`.
* Explain locked (root) account if locked.
* /usr/share/pam-configs/tally2-security-misc
* /usr/lib/security-misc/pam_tally2-info
2019-08-15 13:37:28 +00:00
a7c25a451c
remove unneeded dependency on libpam-cgfs
2019-08-14 11:50:53 +00:00
0feb54b28e
add Depends: apparmor-profile-anondist to fix apparmor issue
...
sudo[19806]: pam_exec(sudo:session): execve(/usr/lib/security-misc/permission-lockdown,...) failed: Permission denied
sudo[18961]: pam_exec(sudo:session): /usr/lib/security-misc/permission-lockdown failed: exit code 13
kernel: audit: type=1400 audit(1565780860.972:224): apparmor="DENIED" operation="exec" profile="/usr/bin/whonixcheck" name="/usr/lib/security-misc/permission-lockdown" pid=19806 comm="sudo" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
2019-08-14 11:10:18 +00:00
01b3a0bfae
description
2019-08-14 09:52:53 +00:00
dee195d89e
description
2019-08-14 09:40:41 +00:00
42f2d5f666
description
2019-08-14 07:39:28 +00:00
f210294f40
description
2019-08-14 07:24:24 +00:00
a82448d46a
description
2019-08-14 07:01:25 +00:00
aacd9c7679
description
2019-08-11 10:34:38 +00:00
c0b5c70de4
description
2019-08-11 10:33:22 +00:00
