{"id":13558870,"url":"https://github.com/marshyski/quick-secure","last_synced_at":"2025-12-25T08:46:29.885Z","repository":{"id":71301952,"uuid":"10095011","full_name":"marshyski/quick-secure","owner":"marshyski","description":"Quickly secure UNIX/Linux systems","archived":false,"fork":false,"pushed_at":"2020-03-09T05:25:19.000Z","size":48,"stargazers_count":416,"open_issues_count":1,"forks_count":52,"subscribers_count":20,"default_branch":"master","last_synced_at":"2024-11-04T10:43:33.065Z","etag":null,"topics":["docker","docker-security","linux","security","security-hardening"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/marshyski.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2013-05-16T06:19:27.000Z","updated_at":"2024-11-02T05:50:45.000Z","dependencies_parsed_at":null,"dependency_job_id":"41f41e56-121f-4345-999e-2eeb03bc5beb","html_url":"https://github.com/marshyski/quick-secure","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marshyski%2Fquick-secure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marshyski%2Fquick-secure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marshyski%2Fquick-secure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/marshyski%2Fquick-secure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/marshyski","download_url":"https://codeload.github.com/marshyski/quick-secure/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247018262,"owners_count":20869980,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","docker-security","linux","security","security-hardening"],"created_at":"2024-08-01T12:05:12.267Z","updated_at":"2025-12-25T08:46:29.847Z","avatar_url":"https://github.com/marshyski.png","language":"Shell","readme":"Quick NIX Secure Script\n==============\n\nQuick NIX Secure Script is used to **harden** and **secure** basic permissions and ownership **on the fly**.  This script can be used during boot up, cron, bootstrapping, kickstart, jumpstart and during other system deployments.  I recommend using CM tools like Puppet or Ansible, but this is still nice.\n\nWhy use this?\n--------------\nMany times in (**prod**)uction world prior admins harden without **automation** or towards an industry **baseline**. This is to help get to a point of standardization and quickly set or reset basic system security.\n\nUse before or after app deploymentz.  I don't set umasks, so everything should work regardless ^_^\n\nIndustry Compliance\n------------\nThis is influenced from DISA STIGs, ODAA, NSA and NIST/FIPs.  This does not enforce towards those baselines, but helps minimize CAT I-III findings.\n\nRequirements\n------------\n  * RHEL 5-6, Fedora 17-20, Ubuntu 10-13, Solaris 9-10 and OpenSolaris\n  * root or equivalent\n  * basic /bin /sbin /usr/bin executables\n\nInstallation\n------------\n(Easiest method to get going)\n\n    curl -sfO https://raw.githubusercontent.com/marshyski/quick-secure/master/quick-secure \u0026\u0026 bash quick-secure\n\n    \n(Alternative)  \n\n    git clone https://github.com/marshyski/quick-secure.git\n\tchmod 0700 ./quick-secure/quick-secure\n\nSecuring Docker Containers\n------------\n(Easiest method)\n\n    RUN cd / \u0026\u0026 curl -sfO https://raw.githubusercontent.com/marshyski/quick-secure/master/quick-secure \u0026\u0026 bash /quick-secure -f\n\n(Alternative method) \n\n    ADD quick-secure /quick-secure\n    RUN bash /quick-secure -f\n\nUsage\n-----\n  **-c** argument reviews what's commented out in quick-secure.\n\n    ./quick-secure/quick-secure -c\n\n  **-u** argument reviews what's being applied to your current system.\n  \n    ./quick-secure/quick-secure -u\n    \n  **-f** argument forces settings without being prompt with \"are you sure\" question.\n  \n    ./quick-secure/quick-secure -f\n    \n  Run quick-secure for the first time: ``./quick-secure/quick-secure`` in CLI.\n  \n  Setup quick-secure to run every sunday at 11PM via root's cron: \n  \n    00 23 * * 0 /root/quick-secure/quick-secure -f\n\n\nHelp \u0026 Feedback\n---------------\nYou can email (timski@linux.com) me directly if you need help, submit an issue or pull request.  Fork it.\n\n**Looking for better hardening for Ubuntu so pull request quick-secure.**\n","funding_links":[],"categories":["Shell","docker","System Utilities"],"sub_categories":["Directory Navigation"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarshyski%2Fquick-secure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarshyski%2Fquick-secure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarshyski%2Fquick-secure/lists"}