Actions

Dev/VirusForget

From Whonix

< Dev



similar to https://github.com/tasket/Qubes-VM-hardening [archive] but for any (Debian) Linux which is booted without root access

deactivate malware after reboot from non-root compromise

notes, scratch pad

features

  • run at boot before mounting /home
  • allow root to modify file and commit
  • file same as /etc/skel (root location) is ok
  • carantaine
  • delete
  • diff
  • init
  • commit
  • show
  • extra file
  • changed file
  • whitelisting of files such as for netvm
  • file by tag
  • qubes root compromise with protected root image /usr/local /rw
  • move anything not skel
  • after pam?
  • what if dotfile does not exist -> note to log that it does not exist
  • Don't bother with root protections in template or standalone.
  • Don't bother when root.
  • deploy
  • duplicate files for later diff

Because Tor Browser in home folder:

  • snapshot binaries with:
  • find . -executable -type f
  • upgrade mode to allow changing executables

command line interface:

  • --path
    • home folder can be in any location such as
    • --path /home/user
    • --path /rw/home/user
    • --path /path/to/chroot/folder/home/user
  • --simulate - do nothing but output what would be done
  • --protect - remove(?) important files after reboot
  • --unprotect - disable
  • --immutable - make important files immutable (cannot be written to)
  • --mutable
  • --reset-to-skel - reset important files as if created from /etc/skel
  • --skel /path/to/skel (default to /etc/skel)

considerations:

  • first boot
  • subsequent boot
  • what if new file gets added to config?

status:



Fosshost is sponsors Kicksecure ™ stage server Whonix old logo.png
Fosshost About Advertisements

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki


Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: Discourse logo.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png Iconfinder Apple Mail 2697658.png Reddit.jpg Hacker.news.jpg 200px-Mastodon Logotype (Simple).svg.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png Iconfinder Apple Mail 2697658.png Reddit.jpg Hacker.news.jpg 200px-Mastodon Logotype (Simple).svg.png

https link onion link Priority Support | Investors | Professional Support

Whonix | © ENCRYPTED SUPPORT LP | Heckert gnu.big.png Freedom Software / Osi standard logo 0.png Open Source (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.