issues
search
sydhds
/
hardenbuntu
Recommendations and best practices for hardening an Ubuntu Linux system.
0
stars
0
forks
source link
Add separate user reco
#27
Open
sydhds
opened
1 year ago
sydhds
commented
1 year ago
Separate admin user from regular user (no admin/sudo/wheel rights)
'regular' user can still do admin stuff using polkit -> can we restrict this?
https://wiki.archlinux.org/title/Polkit
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
sydhds
commented
1 year ago
gufw rules:
/usr/share/polkit-1/actions/com.ubuntu.pkexec.gufw.policy
restriction for only sudo users:
/usr/share/polkit-1/rules.d/org.freedesktop.fwupd.rules