scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-03 20:07:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

improve: add additional chromium hardening policies

Browse Source
This commit is contained in:
qoijjj
2024-03-04 10:14:54 -08:00
committed by GitHub
parent 6d9da7fbc0
commit 073c40b456
2 changed files with 66 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
config/files/usr/etc/chromium/policies/managed/hardening.json
View File

@@ -29,5 +29,18 @@
"WebRtcIPHandling": "disable_non_proxied_udp",
"SafeBrowsingExtendedReportingEnabled": false,
"BrowserSignin": 0,
"AlternateErrorPagesEnabled": false
"AlternateErrorPagesEnabled": false,
"RemoteAccessHostAllowRemoteAccessConnections": false,
"RemoteAccessHostFirewallTraversal": false,
"DefaultInsecureContentSetting": 2,
"BlockExternalExtensions": true,
"AuthSchemes": "ntlm,negotiate",
"CloudPrintProxyEnabled": false,
"SitePerProcess": true,
"DefaultGeolocationSetting": 2,
"CloudPrintSubmitEnabled": false,
"AutofillAddressEnabled": false,
"AutofillCreditCardEnabled": false,
"ImportSavedPasswords": false,
"DiskCacheSize": 0
}

52
config/files/usr/etc/chromium/policies/managed/hardening.json.readme.md
View File

@@ -123,3 +123,55 @@
**Disable navigation error correction**
`"AlternateErrorPagesEnabled": false`
**Prevent remote access service from starting**
`"RemoteAccessHostAllowRemoteAccessConnections": false`
**Prevent remote client discovery**
`"RemoteAccessHostFirewallTraversal": false`
**Do not allow sites to load mixed content**
`"DefaultInsecureContentSetting": 2`
**Block external extensions**
`"BlockExternalExtensions": true`
**Disable insecure HTTP authentication schemes**
`"AuthSchemes": "ntlm,negotiate"`
**Disable Google Cloud Print proxy**
`"CloudPrintProxyEnabled": false`
**Prevent disabling site isolation**
`"SitePerProcess": true`
**By default, do not allow any site to track the users' physical location**
`"DefaultGeolocationSetting": 2`
**Disable Google Cloud Print site submission**
`"CloudPrintSubmitEnabled": false`
**Prevent saving address information for autofill**
`"AutofillAddressEnabled": false`
**Prevent saving credit card information for autofill**
`"AutofillCreditCardEnabled": false`
**Do not import saved passwords on first run**
`"ImportSavedPasswords": false`
**Disable disk cache**
`"DiskCacheSize": 0`