Skip to content

Commit

Permalink
/etc/security/access-security-misc.conf white list ttyS0 etc.
Browse files Browse the repository at this point in the history 
ttyS0 ttyS1 ttyS2 ttyS3 ttyS4 ttyS5 ttyS6 ttyS7 ttyS8 ttyS9

Thanks to @subpar_marlin for the bug report and helping to fix this!

https://forums.whonix.org/t/how-do-i-enter-the-whonix-shell-from-cli/7271/43

https://forums.whonix.org/t/etc-security-hardening/8592
  • Loading branch information
Patrick Schleizer committed Apr 13, 2020
1 parent b3ce18f commit 253578a
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions etc/security/access-security-misc.conf
View file
Expand Up @@ -24,11 +24,14 @@
## - 'tty1' to 'tty7'
## - 'pts/0' to 'pts/9'
## - 'hvc0' to 'hvc9'
+:console:console tty1 tty2 tty3 tty4 tty5 tty6 tty7 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9 hvc0 hvc1 hvc2 hvc3 hvc4 hvc5 hvc6 hvc7 hvc8 hvc9
## serial console
## https://forums.whonix.org/t/how-do-i-enter-the-whonix-shell-from-cli/7271/43
## - 'ttyS0' to 'ttyS9'
+:console:console tty1 tty2 tty3 tty4 tty5 tty6 tty7 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9 hvc0 hvc1 hvc2 hvc3 hvc4 hvc5 hvc6 hvc7 hvc8 hvc9 ttyS0 ttyS1 ttyS2 ttyS3 ttyS4 ttyS5 ttyS6 ttyS7 ttyS8 ttyS9

## Same as above also for members of group `sudo`.
## https://github.com/Whonix/security-misc/pull/74#issuecomment-607748407
+:sudo:console tty1 tty2 tty3 tty4 tty5 tty6 tty7 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9 hvc0 hvc1 hvc2 hvc3 hvc4 hvc5 hvc6 hvc7 hvc8 hvc9
+:sudo:console tty1 tty2 tty3 tty4 tty5 tty6 tty7 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 pts/6 pts/7 pts/8 pts/9 hvc0 hvc1 hvc2 hvc3 hvc4 hvc5 hvc6 hvc7 hvc8 hvc9 ttyS0 ttyS1 ttyS2 ttyS3 ttyS4 ttyS5 ttyS6 ttyS7 ttyS8 ttyS9

## Everyone else except members of group 'console-unrestricted'
## are restricted from everything else.
Expand Down

0 comments on commit 253578a

Please sign in to comment.