Dev/VirusForget
From Whonix
< Dev
similar to https://github.com/tasket/Qubes-VM-hardening [archive] but for any (Debian) Linux which is booted without root access
deactivate malware after reboot from non-root compromise
notes, scratch pad
features
- run at boot before mounting /home
- allow root to modify file and commit
- file same as /etc/skel (root location) is ok
- carantaine
- delete
- diff
- init
- commit
- show
- extra file
- changed file
- whitelisting of files such as for netvm
- file by tag
- qubes root compromise with protected root image /usr/local /rw
- move anything not skel
- after pam?
- what if dotfile does not exist -> note to log that it does not exist
- Don't bother with root protections in template or standalone.
- Don't bother when root.
- deploy
- duplicate files for later diff
Because Tor Browser in home folder:
- snapshot binaries with:
- find . -executable -type f
- upgrade mode to allow changing executables
command line interface:
- --path
- home folder can be in any location such as
- --path /home/user
- --path /rw/home/user
- --path /path/to/chroot/folder/home/user
- --simulate - do nothing but output what would be done
- --protect - remove(?) important files after reboot
- --unprotect - disable
- --immutable - make important files immutable (cannot be written to)
- --mutable
- --reset-to-skel - reset important files as if created from /etc/skel
- --skel /path/to/skel (default to /etc/skel)
considerations:
- first boot
- subsequent boot
- what if new file gets added to config?
status:
- rewrite started, stalled for now
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
|
100px |
| Fosshost | About Advertisements |
Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki
Priority Support | Investors | Professional Support
Whonix ™ | © ENCRYPTED SUPPORT LP | 
Freedom Software / 
Open Source (Why?)
The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.