security-misc

mirrors/security-misc

Fork 0

mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-22 20:13:35 +07:00

Commit Graph

Select branches

Hide Pull Requests

Whonix13

gitconfig

master

permission-hardener-mount

#1

#10

#100

#101

#103

#104

#108

#109

#11

#110

#111

#112

#113

#114

#115

#118

#119

#12

#120

#121

#122

#124

#125

#126

#129

#13

#131

#133

#134

#135

#139

#14

#140

#141

#142

#143

#144

#145

#146

#147

#148

#149

#15

#150

#151

#152

#153

#16

#165

#166

#166

#167

#17

#170

#171

#176

#178

#18

#181

#182

#183

#19

#193

#194

#195

#197

#2

#20

#200

#202

#204

#21

#211

#216

#218

#219

#22

#220

#221

#222

#226

#227

#228

#228

#229

#229

#23

#230

#231

#232

#233

#234

#235

#236

#237

#238

#24

#240

#241

#242

#243

#244

#245

#246

#247

#248

#249

#25

#250

#251

#252

#254

#255

#257

#258

#259

#26

#260

#261

#262

#263

#264

#265

#266

#268

#269

#27

#270

#272

#273

#276

#279

#28

#280

#282

#285

#286

#286

#287

#288

#288

#289

#289

#29

#290

#290

#291

#291

#292

#292

#3

#30

#31

#32

#33

#34

#35

#36

#37

#38

#39

#4

#40

#41

#42

#43

#44

#45

#46

#47

#48

#49

#5

#50

#51

#52

#53

#54

#55

#56

#57

#58

#59

#6

#60

#61

#62

#63

#64

#65

#66

#68

#69

#7

#70

#71

#72

#73

#74

#75

#76

#77

#78

#79

#8

#80

#81

#82

#83

#84

#85

#86

#87

#88

#89

#9

#90

#91

#92

#93

#94

#95

#96

#97

#98

#99

0.4-1

0.6-1

0.7-1

0.8-1

1.3-1

1.4-1

1.5-1

1.6-1

1.7-1

1.8-1

1.9-1

10.1-1

10.2-1

10.3-1

10.4-1

10.5-1

10.6-1

10.7-1

10.8-1

10.9-1

11.0-1

11.1-1

11.2-1

11.3-1

11.4-1

11.5-1

11.6-1

11.7-1

11.8-1

11.9-1

12.0-1

12.1-1

12.2-1

12.3-1

12.4-1

12.5-1

12.6-1

12.7-1

12.8-1

12.9-1

13.0-1

13.1-1

13.2-1

13.3-1

13.4-1

13.5-1

13.6-1

13.7-1

13.8-1

13.9-1

14.0-1

14.1-1

14.2-1

14.3-1

14.4-1

14.5-1

14.6-1

14.7-1

14.8-1

14.9-1

15.0-1

15.1-1

15.2-1

15.3-1

15.4-1

15.5-1

15.6-1

15.7-1

15.8-1

15.9-1

16.0-1

16.1-1

16.2-1

16.3-1

16.4-1

16.5-1

16.6-1

16.7-1

16.8-1

16.9-1

17.0-1

17.1-1

17.2-1

17.3-1

17.4-1

17.5-1

17.6-1

17.7-1

17.8-1

17.9-1

18.0-1

18.1-1

18.2-1

18.3-1

18.4-1

18.5-1

18.6-1

18.7-1

18.8-1

18.9-1

19.0-1

19.1-1

19.2-1

19.3-1

19.4-1

19.5-1

19.6-1

19.7-1

19.8-1

19.9-1

2.0-1

2.1-1

2.2-1

2.3-1

2.4-1

2.5-1

2.6-1

2.7-1

2.8-1

2.9-1

20.0-1

20.1-1

20.2-1

20.3-1

20.4-1

20.5-1

20.6-1

20.7-1

20.8-1

20.9-1

21.0-1

21.1-1

21.2-1

21.3-1

21.4-1

21.5-1

21.6-1

21.7-1

21.8-1

21.9-1

22.0-1

22.1-1

22.2-1

22.3-1

22.4-1

22.5-1

22.6-1

22.7-1

22.8-1

22.9-1

23.0-1

23.1-1

23.2-1

23.3-1

23.4-1

23.5-1

23.6-1

23.7-1

23.8-1

23.9-1

24.0-1

24.1-1

24.2-1

24.3-1

24.4-1

24.5-1

24.6-1

24.7-1

24.8-1

24.9-1

25.0-1

25.1-1

25.2-1

25.3-1

25.4-1

25.5-1

25.6-1

25.7-1

25.8-1

25.9-1

26.0-1

26.1-1

26.2-1

26.3-1

26.4-1

26.5-1

26.6-1

26.7-1

26.8-1

26.9-1

27.0-1

27.1-1

27.2-1

27.3-1

27.4-1

27.5-1

27.6-1

27.7-1

27.8-1

27.9-1

28.0-1

28.1-1

28.2-1

28.3-1

28.4-1

28.5-1

28.6-1

28.7-1

28.8-1

28.9-1

29.0-1

29.1-1

29.2-1

29.3-1

29.4-1

29.5-1

29.6-1

29.7-1

29.8-1

29.9-1

3.0-1

3.1-1

3.2-1

3.3-1

3.4-1

3.5-1

3.6-1

3.7-1

3.8-1

3.9-1

30.0-1

30.1-1

30.2-1

30.3-1

30.5-1

30.6-1

30.7-1

30.8-1

30.9-1

31.0-1

31.1-1

31.2-1

31.3-1

31.4-1

31.5-1

31.6-1

31.7-1

31.8-1

31.9-1

32.0-1

32.1-1

32.2-1

32.3-1

32.4-1

32.5-1

32.6-1

32.7-1

32.8-1

32.9-1

33.0-1

33.1-1

33.2-1

33.3-1

33.4-1

33.5-1

33.6-1

33.7-1

33.8-1

33.9-1

34.0-1

34.1-1

34.2-1

34.3-1

34.4-1

34.5-1

34.6-1

34.7-1

34.8-1

34.9-1

35.0-1

35.1-1

35.2-1

35.3-1

35.4-1

35.5-1

35.6-1

35.7-1

35.8-1

35.9-1

36.0-1

36.1-1

36.2-1

36.3-1

36.4-1

36.5-1

36.6-1

36.7-1

36.8-1

36.9-1

37.0-1

37.1-1

37.2-1

37.3-1

37.4-1

37.5-1

37.6-1

37.7-1

37.8-1

37.9-1

38.0-1

38.1-1

38.2-1

38.3-1

38.4-1

38.5-1

38.6-1

38.7-1

38.8-1

38.9-1

39.0-1

39.1-1

39.2-1

39.3-1

39.4-1

39.5-1

39.6-1

39.7-1

39.8-1

39.9-1

4.0-1

4.1-1

4.2-1

4.3-1

4.4-1

4.5-1

4.6-1

4.7-1

4.8-1

4.9-1

40.0-1

40.1-1

40.2-1

40.3-1

40.4-1

40.5-1

40.6-1

40.7-1

40.8-1

40.9-1

41.0-1

41.1-1

41.2-1

41.3-1

41.4-1

5.0-1

5.1-1

5.2-1

5.3-1

5.4-1

5.5-1

5.6-1

5.7-1

5.8-1

5.9-1

6.0-1

6.1-1

6.2-1

6.3-1

6.4-1

6.5-1

6.6-1

6.7-1

6.8-1

6.9-1

7.0-1

7.1-1

7.2-1

7.3-1

7.4-1

7.5-1

7.6-1

7.7-1

7.8-1

7.9-1

8.0-1

8.1-1

8.2-1

8.3-1

8.4-1

8.5-1

8.6-1

8.7-1

8.8-1

8.9-1

9.0-1

9.1-1

9.10-1

9.11-1

9.12-1

9.2-1

9.3-1

9.4-1

9.5-1

9.6-1

9.7-1

9.8-1

9.9-1

15e0af41dd

Merge 642b4eeedc into 721b100fb6 raja-grewal 2024-12-19 22:02:07 +1100
9c2e8962b0

Merge 750367a906 into 721b100fb6 raja-grewal 2024-12-19 21:59:02 +1100
b6670c704c

Merge c37f4efadf into 721b100fb6 raja-grewal 2024-12-19 21:59:02 +1100
ea9ff31924

Merge af1d06973b into 721b100fb6 raja-grewal 2024-12-19 21:59:01 +1100
5bb71f7944

Merge 2e6e1701a0 into 721b100fb6 raja-grewal 2024-12-19 21:59:01 +1100
721b100fb6

bumped changelog version master 41.4-1 Patrick Schleizer 2024-12-19 10:58:50 +0000
642b4eeedc

Add link to tabular comparison of CPU mitigations raja-grewal 2024-12-19 21:57:25 +1100
175b442d5b

use long option name Patrick Schleizer 2024-12-19 05:56:50 -0500
c99021bb0c

Merge remote-tracking branch 'ArrayBolt3/arraybolt3/sysmaint' Patrick Schleizer 2024-12-19 05:56:01 -0500
2e6e1701a0

Set net.ipv4.conf.*.drop_gratuitous_arp=1 raja-grewal 2024-12-19 10:35:08 +0000
c37f4efadf

Set net.ipv4.conf.*.arp_ignore=2 raja-grewal 2024-12-19 10:33:49 +0000
af1d06973b

Set net.ipv4.conf.*.arp_filter=1 raja-grewal 2024-12-19 10:31:43 +0000
750367a906

Set net.ipv4.conf.*.shared_media=0 raja-grewal 2024-12-19 10:29:56 +0000
95b535764c

bumped changelog version 41.3-1 Patrick Schleizer 2024-12-19 09:43:26 +0000
daf0a0900b

fix apt-get-update for non-English locale Patrick Schleizer 2024-12-19 04:39:34 -0500
e9a5b14a0d

bumped changelog version 41.2-1 Patrick Schleizer 2024-12-19 06:57:42 +0000
0d8f47aa34

Merge 4cae74d610 into c7f7196471 monsieuremre 2024-12-19 00:35:17 -0500
3135a03e21

Merge remote-tracking branch 'github-kicksecure/master' Patrick Schleizer 2024-12-19 00:34:56 -0500
c7f7196471

Merge pull request #287 from raja-grewal/patch Patrick Schleizer 2024-12-19 00:31:25 -0500
f0c611d9ed

comment Patrick Schleizer 2024-12-19 00:18:25 -0500
4f681be774

Merge remote-tracking branch 'github-kicksecure/master' Patrick Schleizer 2024-12-19 00:17:44 -0500
e5b67e044b

Merge pull request #279 from raja-grewal/arp Patrick Schleizer 2024-12-19 00:15:02 -0500
4cf5757575

Merge pull request #282 from ArrayBolt3/arraybolt3/umask Patrick Schleizer 2024-12-19 00:08:56 -0500
9d69cd1912

Add sysmaint account lock detection Aaron Rainbolt 2024-12-18 21:34:16 -0600
3749f8ff09

Update presentation on user namespaces raja-grewal 2024-12-18 03:36:09 +0000
0dff2cd28f

Minor additions raja-grewal 2024-12-18 03:32:35 +0000
3e96fdd9cc

Enable kvm.mitigate_smt_rsb=1 raja-grewal 2024-12-17 11:44:11 +0000
45355aabdc

Enable kvm-intel.vmentry_l1d_flush=always raja-grewal 2024-12-17 11:42:52 +0000
defba1f245

Refactor CPU mitigations raja-grewal 2024-12-17 11:42:03 +0000
943c421889

Minor refactoring raja-grewal 2024-12-17 11:40:38 +0000
ca3a73ac13

Typo raja-grewal 2024-12-17 11:37:10 +0000
de9b2d2218

Merge 3e59f92b31 into 9d06341c91 ben-grande 2024-12-17 02:56:58 +0000
3e59f92b31

Reset file attributes if no configuration matches Ben Grande 2024-12-17 03:55:21 +0100
4c3ca68453

Disable unnecessary sudoers exceptions Aaron Rainbolt 2024-12-09 12:37:11 -0600
9d06341c91

Merge pull request #285 from Kicksecure/permission-hardener-mount Patrick Schleizer 2024-12-14 15:18:56 -0500
c116796854

arp_ignore: Add reference to 2024-12-10 Mullvad VPN audit details raja-grewal 2024-12-12 06:36:47 +0000
a9dd592a8b

bumped changelog version 41.1-1 Patrick Schleizer 2024-12-10 19:19:10 +0000
58722324ec

Merge remote-tracking branch 'ArrayBolt3/arraybolt3/no-recovery-mode' Patrick Schleizer 2024-12-10 14:18:50 -0500
518224b8cf

bumped changelog version 41.0-1 Patrick Schleizer 2024-12-10 19:17:10 +0000
439fa7f3be

Harden/disable recovery mode options Aaron Rainbolt 2024-12-08 03:21:27 -0600
7902311c57

do not create /etc/sysctl.d/30-lkrg-virtualbox.conf if LKRG is not installed Patrick Schleizer 2024-12-07 04:54:47 -0500
1ce37d42cd

. Patrick Schleizer 2024-12-07 04:50:40 -0500
5b88e92e5c

permission hardner: treat mount the same way we treat umount permission-hardener-mount Patrick Schleizer 2024-12-06 09:48:58 -0500
93b51819d4

permission hardener mount chmod change from 745 to 755 Patrick Schleizer 2024-12-06 09:47:08 -0500
1708a03e1e

Enable umask hardening Aaron Rainbolt 2024-11-28 15:20:57 -0600
59299a6639

bumped changelog version 40.9-1 Patrick Schleizer 2024-11-25 21:07:42 +0000
98d7c245ee

"|| exit 1" no longer required thanks to errexit Patrick Schleizer 2024-11-25 15:57:30 -0500
f9b5d7d3f4

use strict shell options Patrick Schleizer 2024-11-25 15:48:01 -0500
d32cb8c95b

use TMP, sponge, refactoring Patrick Schleizer 2024-11-25 15:44:00 -0500
62a551cfe3

Merge remote-tracking branch 'ArrayBolt3/arraybolt3/sudoers' Patrick Schleizer 2024-11-25 15:38:01 -0500
d7475e252a

Make apt-get-update able to be terminated securely Aaron Rainbolt 2024-11-21 20:03:42 -0600
af43472d0c

bumped changelog version 40.8-1 Patrick Schleizer 2024-11-14 22:24:50 +0000
c7e9460b2a

output Patrick Schleizer 2024-11-14 16:31:12 -0500
31804e30ec

bumped changelog version 40.7-1 Patrick Schleizer 2024-11-14 20:46:26 +0000
ef95b3f9a5

Revert "fix panic-on-oops.service" Patrick Schleizer 2024-11-14 14:41:14 -0500
412b371e85

Merge branch 'Kicksecure:master' into arp raja-grewal 2024-11-13 16:47:57 +1100
141b84c40d

Provide option to deny sending and receiving shared media redirects raja-grewal 2024-11-13 05:42:56 +0000
18aec201bf

Provide option to harden response to ARP requests raja-grewal 2024-11-13 05:41:25 +0000
a25d4f8df8

Provide option to enable ARP filtering raja-grewal 2024-11-13 05:40:21 +0000
c2aae73ce1

Add reference and move text raja-grewal 2024-11-13 05:38:03 +0000
57e1edde23

bumped changelog version 40.6-1 Patrick Schleizer 2024-11-12 09:11:57 +0000
7987a3914d

deleted no longer used and out-commented /etc/sudoers.d/xfce-security-misc leftover Patrick Schleizer 2024-11-12 02:29:42 -0500
8c2e8e6979

deleted no longer used and out-commented etc/sudoers.d/pkexec-security-misc leftover Patrick Schleizer 2024-11-12 01:41:12 -0500
65fc0419a8

bumped changelog version 40.5-1 Patrick Schleizer 2024-11-11 11:07:57 +0000
50161f5d79

moved /etc/dkms/framework.conf.d/30_security-misc.conf (renamed) to usability-misc Patrick Schleizer 2024-11-11 05:48:11 -0500
7c06e22c7d

deleted /usr/bin/pkexec.security-misc Patrick Schleizer 2024-11-11 05:43:25 -0500
ef05b1a160

disable legacy matroxfb_base framebuffer driver Patrick Schleizer 2024-11-11 05:40:41 -0500
862d23cb10

fix panic-on-oops.service Patrick Schleizer 2024-11-11 05:36:41 -0500
29ae5f5980

fix optional opt-in harden-module-loading.service Patrick Schleizer 2024-11-11 05:28:31 -0500
4c649577f0

bumped changelog version 40.4-1 Patrick Schleizer 2024-11-10 11:52:42 +0000
29b1f1ec5f

Merge remote-tracking branch 'github-kicksecure/master' Patrick Schleizer 2024-11-10 06:32:30 -0500
5bd0a277bf

fix permission-hardener issue "Removing capabilities failed. File: '/bin/ping'" Patrick Schleizer 2024-11-10 06:29:17 -0500
238f32e81d

Merge pull request #280 from raja-grewal/ssbd Patrick Schleizer 2024-11-08 07:39:40 -0500
8107782fa5

Enable ssbd=force-on raja-grewal 2024-11-08 15:36:04 +1100
a1d1f97955

Provide option to drop gratuitous ARP packets raja-grewal 2024-11-08 03:58:23 +0000
3af2684134

bumped changelog version 40.3-1 Patrick Schleizer 2024-10-30 09:43:05 +0000
71c58442ca

minor Patrick Schleizer 2024-10-28 05:10:19 -0400
cfe19e31d8

shell options Patrick Schleizer 2024-10-28 05:09:53 -0400
0d50615658

local Patrick Schleizer 2024-10-28 05:07:00 -0400
ef0eb5f7a0

refactoring Patrick Schleizer 2024-10-28 05:06:26 -0400
fdd1f4b7f8

refactoring Patrick Schleizer 2024-10-28 05:06:05 -0400
d00235897d

hide-hardware-info: also parse /usr/local/etc/hide-hardware-info.d/*.conf Patrick Schleizer 2024-10-28 05:03:59 -0400
6c2e808b9f

refactoring Patrick Schleizer 2024-10-28 05:03:20 -0400
b44e507900

bumped changelog version 40.2-1 Patrick Schleizer 2024-10-23 09:56:05 +0000
566cda5e4b

output Patrick Schleizer 2024-10-21 05:47:38 -0400
5991a23049

comment Patrick Schleizer 2024-10-21 05:47:25 -0400
fd34baff8f

Merge remote-tracking branch 'ArrayBolt3/master' Patrick Schleizer 2024-10-21 05:43:53 -0400
690e8dd826

Avoid faillock lock/tally reset on reboot or timeout Aaron Rainbolt 2024-10-19 23:49:07 -0500
b6433309fd

use end-of-options Patrick Schleizer 2024-10-18 12:45:02 -0400
0cfcdf4f89

bumped changelog version 40.1-1 Patrick Schleizer 2024-10-16 10:57:20 +0000
0adb9b7c06

Merge remote-tracking branch 'github-kicksecure/master' Patrick Schleizer 2024-10-16 06:31:09 -0400
e50ad807c0

Merge pull request #276 from raja-grewal/KSPP_header Patrick Schleizer 2024-10-16 06:29:25 -0400
eb72163d57

README.md: Make line lengths consistent raja-grewal 2024-10-14 03:01:15 +0000
a9f238fe04

README.md: Split optional setting to new line raja-grewal 2024-10-14 02:57:31 +0000
09fe46adc9

Clarify KSPP compliance header for the undocumented case raja-grewal 2024-10-14 02:54:30 +0000
263335f74e

bumped changelog version 40.0-1 Patrick Schleizer 2024-10-08 11:24:56 +0000
9169611645

Merge remote-tracking branch 'github-kicksecure/master' Patrick Schleizer 2024-10-08 05:54:50 -0400
8227a3dde2

Merge pull request #273 from raja-grewal/text_2 Patrick Schleizer 2024-10-08 05:53:48 -0400
0c0774f6c0

Merge branch 'master' into text_2 raja-grewal 2024-10-06 10:48:52 +0000
dc470cac1d

Remmove deprecated link raja-grewal 2024-10-06 10:46:05 +0000