Skip to content
This repository has been archived by the owner on Jan 15, 2024. It is now read-only.

Don't allow any changes to dkms or hardened-kernel #35

Merged
merged 1 commit into from Jan 15, 2020
Merged

Don't allow any changes to dkms or hardened-kernel #35

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
8 changes: 8 additions & 0 deletions etc/apparmor.d/abstractions/dangerous-files
View file
Open in desktop
Expand Up @@ -124,3 +124,11 @@
audit deny /**/modprobe.d/** w,
audit deny /lib/modules/ rw,
audit deny /lib/modules/** rw,
audit deny /**/dkms/ rw,
audit deny /**/dkms/** rw,

## Don't allow any changes to hardened-kernel.
audit deny /var/lib/hardened-kernel/ rw,
audit deny /var/lib/hardened-kernel/** rw,
audit deny /usr/share/hardened-kernel/ rw,
audit deny /usr/share/hardened-kernel/** rw,