From 901bb89f66b23321133520926801e5cd955a1105 Mon Sep 17 00:00:00 2001 From: Tommy Date: Fri, 30 Jun 2023 03:32:49 -0700 Subject: [PATCH 1/2] Mention that /etc/apt/sources.list.d/* should be 644 (#138) * Update Desktop Linux Hardening.md Signed-off-by: Tommy --- content/posts/linux/Desktop Linux Hardening.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/posts/linux/Desktop Linux Hardening.md b/content/posts/linux/Desktop Linux Hardening.md index 91546d5..a044dfc 100644 --- a/content/posts/linux/Desktop Linux Hardening.md +++ b/content/posts/linux/Desktop Linux Hardening.md @@ -180,6 +180,8 @@ Another option is [Kata Containers](https://katacontainers.io/) which masquerade On distributions besides openSUSE, consider changing the default [umask](https://wiki.archlinux.org/title/Umask) for both root and regular users to `077` (symbolically, `u=rwx,g=,o=`). _On openSUSE, a umask of 077 can break snapper and is thus not recommended._ +On Ubuntu, the "Software & Update" application will not work properly if the repository lists in `/etc/apt/sources.list.d` have the 600 permission. You should make sure that they have the 644 permission instead. + The configuration for this varies per distribution, but typically it can be set in `/etc/profile`, `/etc/bashrc`, or `/etc/login.defs`. Note that, unlike on macOS, this will only change the umask for the shell. Files created by running applications will not have their permissions set to 600. From 6427f84ea6643d5f6c3e74708ade29a9e84a1ad9 Mon Sep 17 00:00:00 2001 From: Tommy Date: Wed, 5 Jul 2023 07:54:02 -0700 Subject: [PATCH 2/2] Hugo v0.115.1 Signed-off-by: Tommy --- netlify.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netlify.toml b/netlify.toml index cd90369..e726483 100644 --- a/netlify.toml +++ b/netlify.toml @@ -1,5 +1,5 @@ [build.environment] - HUGO_VERSION = "0.115.0" + HUGO_VERSION = "0.115.1" [context.deploy-preview] command = "sed -i 's/! Content-Security-Policy//g' static/_headers && hugo -b $DEPLOY_PRIME_URL"