diff options
| author |  netblue30 <netblue30@protonmail.com> | 2023-02-14 09:08:03 -0500 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2023-02-14 09:08:03 -0500 |
| commit | ee1586dd59384630e6a162acda7921ba5af1149e (patch) | |
| tree | 8021faa4329ca03f99653205de2762b351bd14d1 | |
| parent | private-etc: kdiff3, gzip, gunzip, tar etc (diff) | |
| parent | Prevent access to LUKS keyfile (diff) | |
| download | firejail-ee1586dd59384630e6a162acda7921ba5af1149e.tar.gz firejail-ee1586dd59384630e6a162acda7921ba5af1149e.tar.zst firejail-ee1586dd59384630e6a162acda7921ba5af1149e.zip | |
Merge pull request #5663 from netcarver/master
disable-common.inc: Prevent access to LUKS keyfile
| -rw-r--r-- | etc/inc/disable-common.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 03daaa9a6..81f417232 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
| @@ -450,6 +450,9 @@ blacklist ${HOME}/.vaults | |||
| 450 | blacklist /run/timeshift | 450 | blacklist /run/timeshift |
| 451 | blacklist /var/backup | 451 | blacklist /var/backup |
| 452 | 452 | ||
| 453 | # dm-crypt / LUKS | ||
| 454 | blacklist /crypto_keyfile.bin | ||
| 455 | |||
| 453 | # Remove environment variables with auth tokens. | 456 | # Remove environment variables with auth tokens. |
| 454 | # Note however that the sandbox might still have access to the | 457 | # Note however that the sandbox might still have access to the |
| 455 | # files where these variables are set. | 458 | # files where these variables are set. |