Description:
------------
Qubes-VM-hardening
Leverage Qubes template non-persistence to fend off malware at VM
startup: Lock-down, quarantine and check contents of /rw private storage
that affect the execution environment.
* Acts at VM startup before private volume /rw mounts
* User: Protect /home desktop & shell startup executables
* Root: Quarantine all /rw configs & scripts, with whitelisting
* Re-deploy custom or default files to /rw on each boot
* SHA256 hash checking against unwanted changes
* Provides rescue shell on error or request
* Works with template-based AppVMs, sys-net and sys-vpn
Version 0.8.4 expands protection to the /home/user systemd directory,
and now hides its vms config directory on all VM startups (not just when
its enabled). Upgrading is recommended.
Github link - https://github.com/tasket/Qubes-VM-hardening
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/7a23f142-5637-b88a-a455-0420e8350ad4%40posteo.net.
For more options, visit https://groups.google.com/d/optout.
