PrivSec-dev/privsec.dev
1
0
Fork 0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2025-02-20 18:31:35 -05:00
Code

Merge branch 'PrivSec-dev:main' into wingedhorse

Browse Source
This commit is contained in:
Raja Grewal 2023-07-21 03:09:27 +00:00 committed by GitHub
commit 9df78a89f5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/posts/linux/Desktop Linux Hardening.md
View File

@ -180,6 +180,8 @@ Another option is [Kata Containers](https://katacontainers.io/) which masquerade
On distributions besides openSUSE, consider changing the default [umask](https://wiki.archlinux.org/title/Umask) for both root and regular users to `077` (symbolically, `u=rwx,g=,o=`). _On openSUSE, a umask of 077 can break snapper and is thus not recommended._
On Ubuntu, the "Software & Update" application will not work properly if the repository lists in `/etc/apt/sources.list.d` have the 600 permission. You should make sure that they have the 644 permission instead.
The configuration for this varies per distribution, but typically it can be set in `/etc/profile`, `/etc/bashrc`, or `/etc/login.defs`.
Note that, unlike on macOS, this will only change the umask for the shell. Files created by running applications will not have their permissions set to 600.

2
netlify.toml
View File

@ -1,5 +1,5 @@
[build.environment]
HUGO_VERSION = "0.115.0"
HUGO_VERSION = "0.115.1"
[context.deploy-preview]
command = "sed -i 's/! Content-Security-Policy//g' static/_headers && hugo -b $DEPLOY_PRIME_URL"