ernw / hardening Goto Github PK
View Code? Open in Web Editor NEWRepository of Hardening Guides
Repository of Hardening Guides
I did the Automatically Lock the Login Keychain thing. It makes me crazy, asking for my loooong passphrases way too frequently. I went to Keychain Access selected the login Keychain, and turned it off. I still get prompted for ssh passphrases, ScanSnap, blah blah blah. How do I really stop this?
Since /etc/
is a symbolic link to /private/etc/
on OS X, aren't /etc/hosts
and /private/etc/hosts
the same file? I'm not sure what is meant by:
! But there is local per User hosts file "/private/etc/hosts"
Never edit the sudoers file directly. Always use visudo and work on a file in /etc/sudoers.d/ or you will suffer great pain as you mangle the file and suddenly have to reload the OS because of a typo causing invalid syntax. Using visudo checks before installing your changes, and working on a separate file means you can remove the offending file in worst case to recover. Multiple files are also much easier for cfgmgmt to work with.
Also, disabling caching is a pretty sure way to guarantee users add in entries like:
Defaults:%group !authenticate
which completely bypasses reauthentication.
Hello,
For two updates or so on Mojave I've encountered an issue regarding the part about the use of the pwpolicy
command. For example the option setpolicy
is now deprecated and even though I tried to bypass it by playing with other options in many ways to figure out how to kind of properly set up the same command as the one show in the guide:
pwpolicy -u -setpolicy "minChars=8 requiresAlpha=1 requiresNumeric=1 maxMinutesUntilChangePassword=259200 usingHistory=5 usingExpirationDate=1 passwordCannotBeName=1 requiresMixedCase=1 requiresSymbol=1"
It didn't work and the related file that the command writes in isn't updated as it was before. Did some of you figured out a way yet to enforce such a policy on recent Mojave updates?
Thank you!
Enabling Filevault 2 lists Admin users at boot regardless of the "Display login window as: Name and password" in the Users and Groups login options.
Is there a work around?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.