-
### Which feature would you like to have?
- [x] indentation is not standardised. Some place have no spaces, some have 2 spaces, some 3, some 4 and in some place there are tabs.
- [ ] there are mul…
-
**Description**
dockerd and docker-containerd are not compiled with Stack Canary (buffer overflow protection technique), or PIE (ASLR technique) for Fedora packages (and others I assume). They are …
-
DB corruption on signing node should be handled carefully, for now we can do:
- [x] Stop db from resetting and exit directly, as pulling blocks from random nodes is not reliable
We can't do db a…
-
-
As per Our Infosec team, Every server should be using Hardened AMI according to there policies.
While we do the same for EKS AMI worker nodes are terminated before starting. Any suggestions?
-
In the [Bitcoin Peg](https://github.com/nomic-io/bitcoin-peg/blob/master/bitcoinPeg.md) doc, it says:
> To disburse funds from the reserve, more than two-thirds of the validator set must sign the B…
-
Maybe following CIS guidelines to thing about:
CIS - 9.3.1 Set SSH Protocol to 2
CIS - 9.3.2 Set LogLevel to INFO
CIS - 9.3.3 Set Permissions on /etc/ssh/sshd_config
CIS - 9.3.(4,7,8,9,10) Disab…
-
## Feature Request or Enhancement
- Feature []
- Enhancement [X]
**Summary of Request**
In `site.yml`, hosts is not configurable and is hard-coded to all
```yaml
- name: Run RHEL8 CIS hard…
-
**Describe the benefit this feature would provide to the project**
The default hardening makes debug operations near impossible.
This would allow temporal debug operations.
**Describe the solutio…
-
## Description
I'm not sure if there's a dedicated repository for the kernel used on the SecureDrop servers anymore, so let me know where to put this. But this is a continuation of some prior updat…
ageis updated
2 years ago