mirror of
https://github.com/PrivSec-dev/privsec.dev
synced 2024-12-22 04:41:33 -05:00
Mention that /etc/apt/sources.list.d/* should be 644 (#138)
* Update Desktop Linux Hardening.md Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
1c4ba00370
commit
901bb89f66
@ -180,6 +180,8 @@ Another option is [Kata Containers](https://katacontainers.io/) which masquerade
|
|||||||
|
|
||||||
On distributions besides openSUSE, consider changing the default [umask](https://wiki.archlinux.org/title/Umask) for both root and regular users to `077` (symbolically, `u=rwx,g=,o=`). _On openSUSE, a umask of 077 can break snapper and is thus not recommended._
|
On distributions besides openSUSE, consider changing the default [umask](https://wiki.archlinux.org/title/Umask) for both root and regular users to `077` (symbolically, `u=rwx,g=,o=`). _On openSUSE, a umask of 077 can break snapper and is thus not recommended._
|
||||||
|
|
||||||
|
On Ubuntu, the "Software & Update" application will not work properly if the repository lists in `/etc/apt/sources.list.d` have the 600 permission. You should make sure that they have the 644 permission instead.
|
||||||
|
|
||||||
The configuration for this varies per distribution, but typically it can be set in `/etc/profile`, `/etc/bashrc`, or `/etc/login.defs`.
|
The configuration for this varies per distribution, but typically it can be set in `/etc/profile`, `/etc/bashrc`, or `/etc/login.defs`.
|
||||||
|
|
||||||
Note that, unlike on macOS, this will only change the umask for the shell. Files created by running applications will not have their permissions set to 600.
|
Note that, unlike on macOS, this will only change the umask for the shell. Files created by running applications will not have their permissions set to 600.
|
||||||
|
Loading…
Reference in New Issue
Block a user