Hi everyone! Only a question: apparmor is sufficient t confine the services as openvpn or tor? What if I implement systemd to add another layer of security. As example:
This service is actually a systemd target,
but we are using a service since targets cannot be reloaded.
#SystemCallFilter=read openat close brk fstat lseek mmap mprotect munmap rt_sigaction rt_sigprocmask ioctl nanosleep select access execve getuid arch_prctl set>
Using both, AppArmor and (systemd) sandboxing is better. But:
Thanks! I’m new using kicksecure and I exposed to continuous attacks. But in any form, the attacker unload the network modules and then reload this modules. I don’t know how did. But next to harden Network Manager and openvpn was impossible unload modules. Do you know what is the common method used to hack debian and unload modules. Because always is the same, the wifi module or internet is loss. I think maybe send commands to the browser using beef or any other.I can send logs if you need.
I am not aware of any such common attack, nor would that make sense for an attacker to do.
This can have a ton of reasons of which many are not malicious. Software bugs exist.
Off-topic for Whonix.
And even for Kicksecure, this needs to be resolved as per:
Kicksecure does not touch that stuff. Hence, generic bug reproduction required as per:
Bug Reports, Software Development, and Feature Requests chapter Generic Bug Reproduction in Kicksecure wiki