b4265195f4
refactoring
2019-12-08 02:41:36 -05:00
0f65b2e85c
abort installation if no user is a member of group "console"; output
...
https://forums.whonix.org/t/etc-security-hardening-console-lockdown-pam-access-access-conf/8592/7
2019-12-08 02:38:19 -05:00
1dbca1ea2d
add usr/bin/hardening-enable
2019-12-08 02:27:09 -05:00
19cc6d7555
pam description
2019-12-08 02:10:43 -05:00
24423b42f0
description
2019-12-08 02:03:05 -05:00
6b01e5be14
comment
2019-12-08 02:01:22 -05:00
66bebefc9f
description
2019-12-08 02:00:23 -05:00
52e0f104cc
comment
2019-12-08 01:59:55 -05:00
731d486fa0
refactoring
2019-12-08 01:58:58 -05:00
221a2df2a2
refactoring
2019-12-08 01:58:37 -05:00
b871421a54
usr/share/pam-configs/console-lockdown -> usr/share/pam-configs/console-lockdown-security-misc
2019-12-08 01:57:43 -05:00
d36669596f
comment
2019-12-08 01:56:30 -05:00
1a0f353708
comment
2019-12-08 01:47:40 -05:00
eed1f0a462
comment
2019-12-08 01:46:32 -05:00
2491b62393
refactoring, add all groups first before adding any users to any groups
2019-12-08 01:43:45 -05:00
1464f01d19
description
2019-12-08 01:30:42 -05:00
491dd4d93d
Merge remote-tracking branch 'origin/master'
2019-12-08 01:22:16 -05:00
a78a7e5571
Merge pull request #41 from madaidan/system.map
...
Check for more locations of System.map
2019-12-08 06:21:44 +00:00
6846a94327
Check for more locations of System.map
2019-12-07 19:38:12 +00:00
9432d16378
/usr/bin/cat mrix,
2019-12-07 12:13:42 -05:00
373e8733d3
Merge remote-tracking branch 'origin/master'
2019-12-07 11:34:42 -05:00
447eb14432
Merge pull request #40 from madaidan/system.map
...
Remove hyphen from remove-system.map
2019-12-07 16:34:21 +00:00
c1800b13fe
separate group "ssh" for incoming ssh console permission
...
Thanks to @madaidan
https://forums.whonix.org/t/etc-security-hardening-console-lockdown-pam-access-access-conf/8592/16
2019-12-07 11:26:39 -05:00
668b6420de
Remove hyphen
2019-12-07 14:15:02 +00:00
55225aa30e
description
2019-12-07 07:16:07 -05:00
34a2bc16c8
description
2019-12-07 07:15:58 -05:00
d823f06c78
description
2019-12-07 07:13:42 -05:00
9ba84f34c6
comment
2019-12-07 06:51:59 -05:00
dc1dfc8c20
output
2019-12-07 06:51:16 -05:00
8636d2f629
add securetty
2019-12-07 06:51:10 -05:00
532a1525c2
comment
2019-12-07 06:26:55 -05:00
14aa6c5077
comment
2019-12-07 06:26:23 -05:00
8b3f5a555b
add console lockdown to pam info output
2019-12-07 06:25:45 -05:00
021b06dac9
add hvc0 to hvc9
2019-12-07 06:04:45 -05:00
8a59662a44
comment
2019-12-07 06:02:45 -05:00
090ddbe96a
description
2019-12-07 06:00:41 -05:00
cda6724755
add pts/0 to pts/9
2019-12-07 05:56:57 -05:00
218cbddba9
comment
2019-12-07 05:52:06 -05:00
6479c883bf
Console Lockdown.
...
Allow members of group 'console' to use tty1 to tty7. Everyone else except
members of group 'console-unrestricted' are restricted from using console
using ancient, unpopular login methods such as using /bin/login over networks,
which might be exploitable. (CVE-2001-0797)
Not enabled by default in this package since this package does not know which
users shall be added to group 'console'.
In new Whonix builds, user 'user" will be added to group 'console' and
pam console-lockdown enabled by package anon-base-files.
/usr/share/pam-configs/console-lockdown
/etc/security/access-security-misc.conf
https://forums.whonix.org/t/etc-security-hardening/8592
2019-12-07 05:40:20 -05:00
52934c9288
bumped changelog version
2019-12-07 02:02:32 -05:00
6faa977cd7
readme
2019-12-07 02:02:06 -05:00
6d92d03b31
description
2019-12-07 01:54:50 -05:00
5a4eda0d05
also support /usr/local/etc/remount-disable and /usr/local/etc/noexec
2019-12-07 01:53:33 -05:00
0afcc5e798
bumped changelog version
2019-12-06 12:43:21 -05:00
2954dcbccf
minor
2019-12-06 12:24:55 -05:00
f3647e7478
RemainAfterExit=yes
2019-12-06 12:18:18 -05:00
af0cf058e7
bumped changelog version
2019-12-06 11:18:20 -05:00
9b14f24d5e
refactoring
2019-12-06 11:17:32 -05:00
a6133f5912
output
2019-12-06 11:16:43 -05:00
c1ea35e2ef
output
2019-12-06 11:15:54 -05:00
