diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-01-30 19:20:13 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-01-30 20:05:35 -0300 |
commit | f253f90d1dc2dd0fe8654ce2596303b059f673a9 (patch) | |
tree | 54312424941bdcd1a446a2a53a0626f26b4e14b6 | |
parent | disable-common.inc: add more ro editor/browser paths (diff) | |
download | firejail-f253f90d1dc2dd0fe8654ce2596303b059f673a9.tar.gz firejail-f253f90d1dc2dd0fe8654ce2596303b059f673a9.tar.zst firejail-f253f90d1dc2dd0fe8654ce2596303b059f673a9.zip |
disable-common.inc: make ~/.config/nano read-only
Similarly to the existing ~/.nanorc entry.
Taken from nano.profile.
-rw-r--r-- | etc/inc/disable-common.inc | 1 | ||||
-rw-r--r-- | etc/profile-m-z/nano.profile | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 1e84370a4..03daaa9a6 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -327,6 +327,7 @@ read-only ${HOME}/.ssh/config.d | |||
327 | # Initialization files that allow arbitrary command execution | 327 | # Initialization files that allow arbitrary command execution |
328 | read-only ${HOME}/.caffrc | 328 | read-only ${HOME}/.caffrc |
329 | read-only ${HOME}/.cargo/env | 329 | read-only ${HOME}/.cargo/env |
330 | read-only ${HOME}/.config/nano | ||
330 | read-only ${HOME}/.config/nvim | 331 | read-only ${HOME}/.config/nvim |
331 | read-only ${HOME}/.config/pkcs11 | 332 | read-only ${HOME}/.config/pkcs11 |
332 | read-only ${HOME}/.dotfiles | 333 | read-only ${HOME}/.dotfiles |
diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile index 0814742c1..74403c335 100644 --- a/etc/profile-m-z/nano.profile +++ b/etc/profile-m-z/nano.profile | |||
@@ -56,5 +56,6 @@ dbus-user none | |||
56 | dbus-system none | 56 | dbus-system none |
57 | 57 | ||
58 | memory-deny-write-execute | 58 | memory-deny-write-execute |
59 | read-write ${HOME}/.config/nano | ||
59 | read-write ${HOME}/.nanorc | 60 | read-write ${HOME}/.nanorc |
60 | restrict-namespaces | 61 | restrict-namespaces |