Dev/VirusForget



Similar to https://github.com/tasket/Qubes-VM-hardening, but for any (Debian) Linux which is booted without root access.

Deactivate malware after reboot following a non-root compromise.

notes, scratch pad

features

  • run at boot before mounting /home
  • allow root to modify file and commit
  • file same as /etc/skel (root location) is ok
  • quarantine
  • delete
  • diff
  • init
  • commit
  • show
  • extra file
  • changed file
  • whitelisting of files such as for netvm
  • file by tag
  • qubes root compromise with protected root image /usr/local /rw
  • move anything not skel
  • after pam?
  • what if dotfile does not exist -> note to log that it does not exist
  • Don't bother with root protections in template or standalone.
  • Don't bother when root.
  • deploy
  • duplicate files for later diff

Because Tor Browser in home folder:

  • snapshot binaries with:
  • find . -executable -type f
  • upgrade mode to allow changing executables

command line interface:

  • --path
    • home folder can be in any location such as
    • --path /home/user
    • --path /rw/home/user
    • --path /path/to/chroot/folder/home/user
  • --simulate - do nothing but output what would be done
  • --protect - remove(?) important files after reboot
  • --unprotect - disable
  • --immutable - make important files immutable (cannot be written to)
  • --mutable
  • --reset-to-skel - reset important files as if created from /etc/skel
  • --skel /path/to/skel (default to /etc/skel)
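
A sketch of the compare-against-skel, whitelist and --simulate ideas from the notes above, as an added example (not VirusForget or Whonix code). The function names, status labels, action strings and the sample tree are assumptions made for illustration; the code only reports and never modifies files.

```python
import filecmp
import os
import tempfile
from pathlib import Path

def list_files(base):
    """Relative paths of files and symlinks under base (links are not followed)."""
    found = set()
    for root, dirs, files in os.walk(base):
        links = [d for d in dirs if os.path.islink(os.path.join(root, d))]
        found.update(os.path.relpath(os.path.join(root, n), base) for n in files + links)
    return found

def classify(home, skel):
    """Map each relative path to ok / changed / extra / missing."""
    home_files, skel_files = list_files(home), list_files(skel)
    status = {}
    for rel in sorted(home_files | skel_files):
        h, s = os.path.join(home, rel), os.path.join(skel, rel)
        if rel not in home_files:
            status[rel] = "missing"   # notes: log that the dotfile does not exist
        elif rel not in skel_files:
            status[rel] = "extra"     # notes: move anything not skel
        elif os.path.islink(h) or not filecmp.cmp(h, s, shallow=False):
            status[rel] = "changed"   # assumption: a symlink never counts as "same"
        else:
            status[rel] = "ok"        # notes: file same as skel is ok
    return status

def simulate(home, skel, whitelist=()):
    """What a --simulate run would print; nothing on disk is modified."""
    actions = {"changed": "quarantine, then reset to skel",
               "extra": "quarantine", "missing": "log: does not exist"}
    return [f"{rel}: {actions[st]}" for rel, st in classify(home, skel).items()
            if st != "ok" and rel not in whitelist]

def demo():
    """Constructed sample: one ok, changed, extra, missing and whitelisted file."""
    with tempfile.TemporaryDirectory() as home, tempfile.TemporaryDirectory() as skel:
        for name in (".bashrc", ".profile", ".bash_logout"):
            Path(skel, name).write_text("# stock\n")
        samples = {".bashrc": "# stock\n", ".profile": "# stock\n# edited later\n",
                   ".xsessionrc": "# new file\n", "notes.txt": "user data\n"}
        for name, text in samples.items():
            Path(home, name).write_text(text)
        return simulate(home, skel, whitelist=("notes.txt",))

if __name__ == "__main__":
    print("\n".join(demo()))
```

The comparison reads file contents (shallow=False), so a file whose size and timestamp were restored after modification is still reported as changed.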

considerations:

  • first boot
  • subsequent boot
  • what if new file gets added to config?

status:


