diff options
author | 2023-02-14 09:08:03 -0500 | |
---|---|---|
committer | 2023-02-14 09:08:03 -0500 | |
commit | ee1586dd59384630e6a162acda7921ba5af1149e (patch) | |
tree | 8021faa4329ca03f99653205de2762b351bd14d1 | |
parent | private-etc: kdiff3, gzip, gunzip, tar etc (diff) | |
parent | Prevent access to LUKS keyfile (diff) | |
download | firejail-ee1586dd59384630e6a162acda7921ba5af1149e.tar.gz firejail-ee1586dd59384630e6a162acda7921ba5af1149e.tar.zst firejail-ee1586dd59384630e6a162acda7921ba5af1149e.zip |
Merge pull request #5663 from netcarver/master
disable-common.inc: Prevent access to LUKS keyfile
-rw-r--r-- | etc/inc/disable-common.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 03daaa9a6..81f417232 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -450,6 +450,9 @@ blacklist ${HOME}/.vaults | |||
450 | blacklist /run/timeshift | 450 | blacklist /run/timeshift |
451 | blacklist /var/backup | 451 | blacklist /var/backup |
452 | 452 | ||
453 | # dm-crypt / LUKS | ||
454 | blacklist /crypto_keyfile.bin | ||
455 | |||
453 | # Remove environment variables with auth tokens. | 456 | # Remove environment variables with auth tokens. |
454 | # Note however that the sandbox might still have access to the | 457 | # Note however that the sandbox might still have access to the |
455 | # files where these variables are set. | 458 | # files where these variables are set. |