1. 145964c Additionally check user name 'server' by WHR · 6 weeks ago master
  2. bb95b2b Check current status of 'basic.target' for systemd availability by WHR · 6 weeks ago
  3. 5bc631b Start an infinite loop from replacement /sbin/init, to repeatly remove read and write permission bits from /dev/shm, and remount /dev/shm as read-only by WHR · 3 months ago
  4. cd06b04 Don't export 'SHELL_DEF' into environment by WHR · 3 months ago
  5. e7388c2 Try to mount procfs as necessary from replacement /sbin/init by WHR · 6 months ago
  6. 276f032 Try to make the file system for '/' writable, from replacement /sbin/init by WHR · 6 months ago
  7. 052bdc5 Add some more paths to list of suspicious regular files by WHR · 6 months ago
  8. 0deaea5 Remove 2 more service control scripts when instructed to remove cloud-init by WHR · 7 months ago
  9. 22c4f09 Additionally check user names 'dixi' and 'tutu' by WHR · 7 months ago
  10. 978a717 procd: detect more variants of suspicious bind mounts over procfs PID directories and unmount them by WHR · 7 months ago
  11. 60f9aa3 Unset sudoers(5) option 'requiretty' as a part of Sudo I/O logging configuration by WHR · 8 months ago
  12. 11252ee Remove watchdog device nodes if watchdog(8) isn't installed, from replacement /sbin/init by WHR · 8 months ago
  13. 97cebc3 Correct a potential compatibility issue of end-of-options marker usage by WHR · 8 months ago
  14. 4227613 update-blacklist: disable ProxyCommand for ssh(1) by WHR · 8 months ago
  15. 9dccba6 procd: don't mask processes that having different root directory by WHR · 8 months ago
  16. 57dee7b Ignore blank or comment lines in '.blacklist' file by WHR · 10 months ago
  17. 4ee014a procd: automatically kill stalled masked script(1) processes by WHR · 11 months ago
  18. 8316805 Correct escaping in command substitution by WHR · 11 months ago
  19. 2ab2a8b Suggest not to re-exec sudo bash if parent process has the same controlling terminal as current shell by WHR · 11 months ago
  20. e6943b0 Suggest to redirect to unfiltered nproc(1) when no option is given for nproc(1) by WHR · 11 months ago
  21. d790b30 Mask mount /dev/shm directory from /sbin/init wrapper by WHR · 11 months ago
  22. f8cb0cf Check user names 'iksi' and '.syslogs' by WHR · 1 year, 1 month ago
  23. 1599538 Check multiple clauses in chmod(1) wrapper by WHR · 1 year, 1 month ago
  24. 31479de Rename original chmod(1) to modmod instead by WHR · 1 year, 2 months ago
  25. a738df0 Optionally replace chmod(1) to reject potentially dangerous recursive operations by WHR · 1 year, 2 months ago
  26. f594ced Make sure target file ends with a new line before appending lines to it by WHR · 1 year, 2 months ago
  27. 1e47dd2 Pass original command string to bash(1) started by fakeroot-ng(1) by WHR · 1 year, 2 months ago
  28. 23859bc Add a directory name for checking; fix typo by WHR · 1 year, 2 months ago
  29. 1ee2993 mbash: fallback to use id(1) for 'EUID' and 'UID' variables; start new bash(1) instance as a login shell if mbash was started by sshd(8) by WHR · 1 year, 2 months ago
  30. 1485e3c Check a fixed list of suspicious regular files by WHR · 1 year, 2 months ago
  31. 188a022 Update fileflags by WHR · 1 year, 2 months ago
  32. 638a7eb Make mbash more friendly to root; enable fake-passwd in mbash by default; port recent changes from 'aliin-brute-trap/honeypot-shell' of fuck-vvnnmm into mbash by WHR · 1 year, 2 months ago
  33. c64137f Check user account 'dudu' by WHR · 1 year, 2 months ago
  34. a7bc62f Optionally remove cloud-init by WHR · 1 year, 2 months ago
  35. 7378ab9 Check a fixed list of suspicious systemd unit files, and automatically remove them by WHR · 1 year, 2 months ago
  36. 8a0d96f Add some simple wrapper for some specific commands, ported from 'aliin-brute-trap/honeypot-shell', of fuck-vvnnmm by WHR · 1 year, 2 months ago
  37. 92aec39 Check user names 'ad1tz' and 'systemd' in addition to 'pischi' by WHR · 1 year, 2 months ago
  38. 717f40c procd: detect bind mounted '/dev' over procfs PID directories and unmount them by WHR · 1 year, 2 months ago
  39. ac748fd Check a fixed list of suspicious directories by WHR · 1 year, 2 months ago
  40. 1174655 If tar(1) looks like already being replaced, make it immutable by WHR · 1 year, 2 months ago
  41. 4fe1825 Also check and remove /www/server/panel/script/log_cleanup.py by WHR · 1 year, 2 months ago
  42. 9dce2a5 Add end-of-options marker for some commands as necessary by WHR · 1 year, 3 months ago
  43. e2e08ef Detect and remove BT clear plugin as it may remove important log files by WHR · 1 year, 3 months ago
  44. 051a9be Check and warn about the potentially malicious 'pischi' user account by WHR · 1 year, 3 months ago
  45. 33e5fdd Add blacklist source host keys without port number to allow it be configured using the default port by WHR · 1 year, 3 months ago
  46. c132e3e Drop previous crontab content if contains error by WHR · 1 year, 3 months ago
  47. cfd54ed Fallback to chflags(1) to make replaced chattr(1) and lsattr(1) immutable by WHR · 1 year, 5 months ago
  48. 349a260 Don't consider empty /usr/bin/chattr and /usr/bin/lsattr for backup by WHR · 1 year, 5 months ago
  49. 18489c5 Optionally disallow loopback SSH connections by WHR · 1 year, 6 months ago
  50. f9fc15e Fix typo in bindfiles.service by WHR · 1 year, 6 months ago
  51. 13a51e1 Always report error from lsattr(1) by WHR · 1 year, 6 months ago
  52. 1101582 Update fileflags by WHR · 1 year, 6 months ago
  53. d9d7d2e Refuse to update blacklist for invalid HOME by WHR · 1 year, 6 months ago
  54. a0de195 Optionally bind mount important system files to protect them by WHR · 1 year, 6 months ago
  55. b1ee009 Don't depend on which(1) from shdrc by WHR · 1 year, 6 months ago
  56. 6c56e61 Optionally limit number of processes in mbash by WHR · 1 year, 6 months ago
  57. 1c536d2 Make failed to start procd(8) via systemd(1) a non-fatal error by WHR · 1 year, 7 months ago
  58. 5939334 Make modified inclusive sudoers files immutable by WHR · 1 year, 7 months ago
  59. cc9ce50 Use function append_uniq_line to add set PATH line into .profile and .bash_profile by WHR · 1 year, 7 months ago
  60. 2659e94 Recognize more characters as need quote in perl(1) wrapper; fix missing new line in an error message in perl(1) wrapper by WHR · 1 year, 7 months ago
  61. b48b7e5 Check HOME environment variable by WHR · 1 year, 7 months ago
  62. 62be90e Skip replacing /sbin/init on non-Linux platforms; set proper SELinux security context for newly replaced /sbin/init by WHR · 1 year, 8 months ago
  63. 6e4ca71 Quote command line arguments that contain single quotes in perl log by WHR · 1 year, 8 months ago
  64. 27cf98e Re-exec sudo bash with an empty zeroth argument by WHR · 1 year, 8 months ago
  65. a5abda9 Exclude some specific users from Sudo I/O logging to avoid flooding the logs by WHR · 1 year, 8 months ago
  66. 55547ff Warn if newly created immutable /usr/tmpDSK wasn't actually immutable by WHR · 1 year, 8 months ago
  67. 3dfbcf6 Reorder perl wrapper code before any chflags call by WHR · 1 year, 8 months ago
  68. cc1885c Use ps(1)-style tty name in function write_history (strip /dev/ prefix, use ? for no tty) by WHR · 1 year, 8 months ago
  69. c2eded2 procd: match mount from name 'systemd-?' to check pid directories for unmounting by WHR · 1 year, 8 months ago
  70. 51770ba chmod(1) /usr/share/fileflags/functions only when it was just created by setup.sh by WHR · 1 year, 8 months ago
  71. 11bf8c0 Make an immutable /usr/tmpDSK file preventively if /tmp was suspected being mounted with 'noexec'; fix failure to modify /etc/cron.daily/logrotate may inadvertently destroy the file by WHR · 1 year, 8 months ago
  72. 24b6921 shdrc: make PROMPT_COMMAND read-only by WHR · 1 year, 8 months ago
  73. 0990b40 Export REAL_PERL to environment from existing perl wrapper for the bundled chflags implementation by WHR · 1 year, 8 months ago
  74. daeb39c Add install_program function to unify actions that needed for installing executable files from source directory by WHR · 1 year, 8 months ago
  75. e040eeb Make sure .bash_history and .ash_commands are regular files by WHR · 1 year, 8 months ago
  76. e24b843 Fix usage of bundled chflags(1) by WHR · 1 year, 8 months ago
  77. 3f49427 Overwrite existing configuration files only on '--reinstall-config-files'; allow re-run with '--harden' by WHR · 1 year, 8 months ago
  78. daaaec5 Make backup reboot command immutable on hardening by WHR · 1 year, 8 months ago
  79. 5f82e6f Optionally harden installed files by WHR · 1 year, 8 months ago
  80. bfb0e4b Check the working directory in beginning of setup.sh by WHR · 1 year, 8 months ago
  81. 8f2b1cb Read /etc/hosts.allow to decide whether to allow a remote login if it available by WHR · 1 year, 8 months ago
  82. 9d176bb Trash /usr/tmpDSK via the associated loop device; make /usr/tmpDSK immutable immediately after truncating by WHR · 1 year, 8 months ago
  83. f643f08 Try to get real perl path from previously installed perl wrapper by WHR · 1 year, 8 months ago
  84. 632ca11 Suppress dd(1) statistics by WHR · 1 year, 8 months ago
  85. 615b8a0 Detect and continue with previous cattr backup on '--replace-chattr' by WHR · 1 year, 8 months ago
  86. d452b99 Fix a logical error in function append_or_set_words by WHR · 1 year, 8 months ago
  87. dd72196 Skip adding Sudo options if they already exist in sudoers(5) by WHR · 1 year, 8 months ago
  88. d7d1ada Don't add duplicated lines into .bashrc and .profile by WHR · 1 year, 8 months ago
  89. 791d13a Fix kernel name of 'Linux' by WHR · 1 year, 8 months ago
  90. 2021eb3 Don't remove lattr by WHR · 1 year, 8 months ago
  91. 4a7a0ab Don't truncate /usr/tmpDSK if it is already empty by WHR · 1 year, 8 months ago
  92. 1690920 Add a variant of fake reboot command that reminds users the correct way of rebooting/halting the system by WHR · 1 year, 8 months ago
  93. 6894e98 procd is available for Linux only by WHR · 1 year, 8 months ago
  94. 84d7452 procd: try to unmount deleted PID mountpoint by WHR · 1 year, 8 months ago
  95. 688cb88 Write fixed PATH into .profile, and .bash_profile if exists by WHR · 1 year, 8 months ago
  96. 50608d5 Don't print result of 'systemctl is-enabled' by WHR · 1 year, 8 months ago
  97. fab691f Revise perl(1) wrapper by WHR · 1 year, 8 months ago
  98. 07f9c7e Check availability of sudo(1); set LD_PRELOAD for fake root shell under a specific condition; fix typo by WHR · 1 year, 8 months ago
  99. 230679f Update fileflags by WHR · 1 year, 8 months ago
  100. fb5b152 Correctly recognize and mention '--remove-utempter' by WHR · 1 year, 8 months ago