mirror of
https://github.com/TommyTran732/Microsoft-Edge-Policies
synced 2024-11-22 18:21:34 -05:00
Compare commits
No commits in common. "35c2513583c31970633cad189402f1a8e8e0c992" and "f715cee32acdb6f5b9d2196b43a84235a5efc504" have entirely different histories.
35c2513583
...
f715cee32a
11
README.md
11
README.md
@ -1,16 +1,5 @@
|
|||||||
# Microsoft Edge Policies
|
# Microsoft Edge Policies
|
||||||
|
|
||||||
These policies are written with personal use in mind, so that I can configure Microsoft Edge for security and privacy on my personal systems. Certain features are disabled because I see them as unnecessary, annoying, or potentially privacy invasive. Microsoft has the tendency to implement features in the most privacy invasive way possible, so features that are not related to security are disabled unless they are explicitly documented to not have detremental effects on privacy.
|
|
||||||
|
|
||||||
Smartscreen is left as recommended to be be off, as it sends the FULL URLs of what are being visted to Microsoft. I decide whether to use it or not depending on the actual system that I am using.
|
|
||||||
|
|
||||||
For corporate environments, you will need make approprieate changes, including but not limited to:
|
|
||||||
- Disabling `DeveloperToolsAvailability`. Users can be tricked into running malicious code in the browser console otherwise.
|
|
||||||
- Setting `DefaultWebUsbGuardSetting` to "Block". In most cases, the websites will never need to use this API. I need it to flash GrapheneOS and StockOS on my phones.
|
|
||||||
- Setting `DefaultJavaScriptJitSetting` to "Block". This will prevent users from adding exceptions to Enhanced Security Mode.
|
|
||||||
- Further restricting permissions that websites can prompt for.
|
|
||||||
- Madating that `SmartScreenEnabled` is set to disabled. `TyposquattingCheckerEnabled` is also potentially invasive, though I have not confirmed this. Please make an issue to let me know of your findings.
|
|
||||||
|
|
||||||
## Linux
|
## Linux
|
||||||
|
|
||||||
The mandatory prolicies should be put in `/etc/opt/edge/policies/managed/managed.json`, and the recommended policies should be put in `/etc/opt/edge/policies/recommended/recommended.json`
|
The mandatory prolicies should be put in `/etc/opt/edge/policies/managed/managed.json`, and the recommended policies should be put in `/etc/opt/edge/policies/recommended/recommended.json`
|
||||||
|
Loading…
Reference in New Issue
Block a user