Kicksecure security-misc issues

Kicksecure / security-misc

Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc

https://www.kicksecure.com/wiki/Impressum

Other

479 stars 51 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

fix(etc): delete typo in /etc/apparmor.d tunables

#227 maybebyte closed 2 weeks ago
0
add `/etc/gitconfig` by default for better `git` security

#226 adrelanos closed 1 month ago
0
add `/etc/gitconfig` for better git security

#225 adrelanos opened 1 month ago
4
Suggestions for kernel modules blacklisted in /etc/modprobe.d/30_security-misc.conf

#224 MikeHorn-git opened 1 month ago
8
improve GnuPG configuration file `/etc/skel/.gnupg/gpg.conf`

#223 adrelanos opened 1 month ago
7
Update Readme and Copyright

#222 raja-grewal closed 1 month ago
1
Disable Firewire Module

#221 raja-grewal closed 1 month ago
1
Block Several GPS-related Modules

#220 raja-grewal closed 1 month ago
1
Revert Logging of Martians

#219 raja-grewal closed 1 month ago
1
More CPU Mitigations and Additional References

#218 raja-grewal closed 1 month ago
1
Blacklist other GPS modules like GNSS

#217 souchikjoardar201 opened 2 months ago
2
BHI mitigation on Intel CPUs

#216 raja-grewal closed 2 months ago
0
allow MSR kernel module being load / move from security-misc to vm-config-dist

#215 adrelanos closed 2 months ago
0
/lib/sysctl.d/990-security-misc.conf - log_martians

#214 the-moog closed 1 month ago
2
Harden all system services by default

#213 monsieuremre opened 3 months ago
8
`proc-hidepid.service`: Fixing `pkexec` related issues

#212 adrelanos opened 3 months ago
0
Create proc group on install

#211 wryMitts closed 3 months ago
1
`proc-hidepid.service` fails if proc user does not exist

#210 wryMitts closed 3 months ago
0
`hide-hardware-info.service`: hide `/sys/kernel/notes` due to accidental pointer leaks on xen systems. Leak defeats KASLR

#209 wryMitts closed 3 months ago
1
`proc-hidepid.service`: Fixing Systemd related issues

#208 wryMitts opened 3 months ago
7
`hide-hardware-info.service`: hide `/proc/dynamic_debug/`

#207 wryMitts opened 4 months ago
1
`hide-hardware-info.service`: hide `/proc/kallsyms`

#206 adrelanos opened 4 months ago
1
`remount-secure`: use `procfs` mount option `subset` (`hide-hardware-info.service`)

#205 adrelanos opened 4 months ago
5
Make /sys hardening optional and allow access to /sys/fs to make polkit work

#204 DanWin closed 4 months ago
2
test remount-secure script and systemd unit

#203 adrelanos opened 4 months ago
3
Secure Bind Mount & Protect Hardware

#202 monsieuremre closed 4 months ago
4
sgid (set-group-ID) pkexec to fix hidepid

#201 adrelanos closed 4 months ago
2
Remove redundant kernel arguments

#200 TommyTran732 closed 1 month ago
2
Redundant kernel args

#199 TommyTran732 opened 4 months ago
11
pam-tmpdir-helper breaks certain initramfs-update actions on systems with noexec on the /tmp mount

#198 wryMitts opened 4 months ago
4
Additional Explicit CPU Mitigations

#197 raja-grewal closed 4 months ago
1
automatic trigger of permission-hardener after APT package installation broken

#196 adrelanos closed 5 months ago
0
Mount Secure

#195 monsieuremre closed 4 months ago
14
Umask Settings

#194 monsieuremre opened 5 months ago
5
Hardened Malloc

#193 monsieuremre closed 5 months ago
4
Kicksecure Default Browser Discussion

#192 monsieuremre opened 5 months ago
82
`flatpak remote-add` TOFU and TLS security issue / use stronger authentication than TLS

#191 adrelanos closed 5 months ago
1
usrmerge

#190 adrelanos closed 5 months ago
0
run permission-hardener after APT package installation

#189 adrelanos closed 5 months ago
1
Implement MAC randomization to copy Androids behavior

#188 EclipseBazooka opened 5 months ago
4
Split the `security-misc` into `security-misc-shared`, `security-misc-desktop` and `security-misc-server`

#187 monsieuremre opened 5 months ago
18
Harden Network

#186 monsieuremre closed 5 months ago
1
Restrict umask to 027 except for sudo/root broken

#185 adrelanos opened 5 months ago
19
MAC randomization breaks root server and VirtualBox DHCP / IPv6PrivacyExtensions might be problematic

#184 adrelanos opened 5 months ago
17
Firefox ESR as the default Kicksecure Browser hardened with arkenfox user.js

#183 monsieuremre closed 5 months ago
11
Clarify validity of disabling io_uring

#182 raja-grewal closed 5 months ago
0
Clean permission-hardener

#181 ben-grande closed 5 months ago
0
fix Bluetooth readme

#180 adrelanos closed 6 months ago
4
consider excluding hardened malloc from SUID Disabler

#179 adrelanos closed 6 months ago
0
Disable asynchronous I/O

#178 raja-grewal closed 5 months ago
3