Marek Marczykowski-Górecki
|
8acd40905d
|
Disable lesspipe in dom0
It can be dangerous when processing untrusted content (for example VM
logs).
Details:
https://groups.google.com/d/msgid/qubes-users/20150527215812.GA13915%40mail-itl
|
2015-06-25 02:37:29 +02:00 |
|
Marek Marczykowski-Górecki
|
c457b485cb
|
Load xen-acpi-processor module
It is required for cpufreq to work.
|
2015-04-10 17:56:58 +02:00 |
|
Marek Marczykowski-Górecki
|
5035fc7eed
|
Remove iptables config
Dom0 have no network at all, it isn't needed.
|
2015-03-31 22:55:25 +02:00 |
|
Marek Marczykowski-Górecki
|
4449d51d98
|
udev: prevent race with kpartx -d
udevd calls (internal) blkid, which opens the device, so kpartx -d
cannot remove it.
|
2015-02-01 04:05:05 +01:00 |
|
Marek Marczykowski-Górecki
|
9687180a62
|
udev: prevent dom0 processes from accessing templates root image
|
2014-07-04 04:29:31 +02:00 |
|
Marek Marczykowski-Górecki
|
5af0530e8d
|
udev: prevent VM disks content from being accessed by dom0 processes
To not expose dom0 processes like blkid for attacks from VM (e.g. by
placing malicious filesystem header in private.img).
|
2014-06-11 02:41:20 +02:00 |
|
Marek Marczykowski-Górecki
|
2c4aae132a
|
Use 'conntrack' iptables module instead of obsoleted 'state'
|
2014-04-04 11:30:55 +02:00 |
|
Marek Marczykowski
|
dbe9693851
|
Other Linux-specific files
|
2013-03-16 19:52:16 +01:00 |
|