HBSD: prevent reading in sensitive files and locations by non-root users (!38) · Merge requests · HardenedBSD / HardenedBSD · GitLab

Loic requested to merge loic/HardenedBSD:hidesym into hardened/current/master May 23, 2021

HBSD: prevent kernel reading by non-root users
̶H̶B̶S̶D̶:̶ ̶r̶e̶s̶t̶r̶i̶c̶t̶ ̶m̶o̶d̶e̶ ̶i̶n̶ ̶b̶s̶d̶.̶o̶w̶n̶.̶m̶k̶
HBSD: prevent modules reading by non-root users
HBSD: restrict mode in bsd.own.mk (version 2)
HBSD: Secure the root directory
HBSD: Disable users access to /etc config files
HBSD: No new home directories world-readable
HBSD: Update mtree for /var/log
HBSD: Update mtree for root directory

This pull request is for #47 (closed)

Signed-off-by: Loic loic.f@hardenedbsd.org

Edited May 28, 2021 by Loic