Lynis hardening on qubes?

as a option

yes… that would be great!

what’s about setting umask, to get stricter rights?

And whats about DCCP, SCTP, RDS, TIPC net protocols? They seem to be not disabled.

i think no

not sure about the important of protocols, but it seem not used much so you can disable it

and why no for umask 027, does it have to do with qubes structure?

by the way, why does lynis shows that I have an apache webserver? no apache service is running

ah, i bad at reading file permission like that, it is -rw-r-----
if so, don’t do that

idk, that weird

[+] Software: webserver
  - Checking Apache (binary /usr/sbin/httpd)                  [ FOUND ]
      Info: Configuration file found (/etc/httpd/conf/httpd.conf)
      Info: No virtual hosts found
    * Loadable modules                                        [ FOUND (106) ]
        - Found 106 loadable modules
          mod_evasive: anti-DoS/brute force                   [ NOT FOUND ]
          mod_reqtimeout/mod_qos                              [ FOUND ]
          ModSecurity: web application firewall               [ NOT FOUND ]
  - Checking nginx                                            [ NOT FOUND ]

I suppose it comes with standard installation of fedora 33, but how can i get rid of that?

027 is rwx for user / rx for group / nothing for others

1 Like

try google ‘apache uninstall fedora’ (it quite complex)

no no no, this is bad. only use this if it home folder of that user

hmm… ok, thanks!

#Edit: I got it to 70 points… nice