diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-03-23 02:02:19 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-03-27 08:24:24 -0300 |
commit | 13cb318d40b2758aefb9dd360924313a54d8efbd (patch) | |
tree | 4aeb22614c0ae3fb44d3feaeca5fa30669b93ac4 | |
parent | whitelist-common.inc: remove read-only entries (diff) | |
download | firejail-13cb318d40b2758aefb9dd360924313a54d8efbd.tar.gz firejail-13cb318d40b2758aefb9dd360924313a54d8efbd.tar.zst firejail-13cb318d40b2758aefb9dd360924313a54d8efbd.zip |
mpv: move read-only entries to disable-common.inc
Note: mpv itself does not modify anything in ~/.config/mpv as far as I
know, in which case it does not need a read-write entry.
Relates to #5706 #5707 #5710.
-rw-r--r-- | etc/inc/disable-common.inc | 1 | ||||
-rw-r--r-- | etc/profile-a-l/ani-cli.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/lobster.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/mov-cli.profile | 2 |
4 files changed, 1 insertions, 6 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 5f4233363..1b55a5dff 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -329,6 +329,7 @@ read-only ${HOME}/.ssh/config.d | |||
329 | # Initialization files that allow arbitrary command execution | 329 | # Initialization files that allow arbitrary command execution |
330 | read-only ${HOME}/.caffrc | 330 | read-only ${HOME}/.caffrc |
331 | read-only ${HOME}/.cargo/env | 331 | read-only ${HOME}/.cargo/env |
332 | read-only ${HOME}/.config/mpv | ||
332 | read-only ${HOME}/.config/nano | 333 | read-only ${HOME}/.config/nano |
333 | read-only ${HOME}/.config/nvim | 334 | read-only ${HOME}/.config/nvim |
334 | read-only ${HOME}/.config/pkcs11 | 335 | read-only ${HOME}/.config/pkcs11 |
diff --git a/etc/profile-a-l/ani-cli.profile b/etc/profile-a-l/ani-cli.profile index 231b5bca0..f05653719 100644 --- a/etc/profile-a-l/ani-cli.profile +++ b/etc/profile-a-l/ani-cli.profile | |||
@@ -35,7 +35,5 @@ private-bin ani-cli,aria2c,cat,cp,curl,cut,ffmpeg,fzf,grep,head,mkdir,mv,nl,nohu | |||
35 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg | 35 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg |
36 | private-tmp | 36 | private-tmp |
37 | 37 | ||
38 | read-only ${HOME}/.config/mpv | ||
39 | |||
40 | # Redirect | 38 | # Redirect |
41 | include mpv.profile | 39 | include mpv.profile |
diff --git a/etc/profile-a-l/lobster.profile b/etc/profile-a-l/lobster.profile index 01928c775..2b0fc5275 100644 --- a/etc/profile-a-l/lobster.profile +++ b/etc/profile-a-l/lobster.profile | |||
@@ -35,7 +35,5 @@ private-bin curl,cut,fzf,grep,head,lobster,mv,patch,rm,sed,sh,tail,tput,tr,uname | |||
35 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg | 35 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg |
36 | private-tmp | 36 | private-tmp |
37 | 37 | ||
38 | read-only ${HOME}/.config/mpv | ||
39 | |||
40 | # Redirect | 38 | # Redirect |
41 | include mpv.profile | 39 | include mpv.profile |
diff --git a/etc/profile-m-z/mov-cli.profile b/etc/profile-m-z/mov-cli.profile index 8ad94b949..74d630e24 100644 --- a/etc/profile-m-z/mov-cli.profile +++ b/etc/profile-m-z/mov-cli.profile | |||
@@ -25,7 +25,5 @@ private-bin ffmpeg,fzf,mov-cli | |||
25 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg | 25 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg |
26 | private-tmp | 26 | private-tmp |
27 | 27 | ||
28 | read-only ${HOME}/.config/mpv | ||
29 | |||
30 | # Redirect | 28 | # Redirect |
31 | include mpv.profile | 29 | include mpv.profile |