diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-10-26 15:41:34 +0100 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-10-26 15:43:53 +0100 |
commit | 388826683c3b90926e73c83ddb91d5c84a7fa1fa (patch) | |
tree | d037f48e22c7576e9c6934d932baaa7a21dc6bcf | |
parent | Merge pull request #3700 from rusty-snake/fix-3699 (diff) | |
download | firejail-388826683c3b90926e73c83ddb91d5c84a7fa1fa.tar.gz firejail-388826683c3b90926e73c83ddb91d5c84a7fa1fa.tar.zst firejail-388826683c3b90926e73c83ddb91d5c84a7fa1fa.zip |
add missing paths to disable-interpreters.inc
and update allow-xxx.inc
Fedora uses /usr/lib64 for arch specifiy files and /usr/lib for arch
independent files. php, py2, ruby may have also paths there.
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/inc/allow-lua.inc | 2 | ||||
-rw-r--r-- | etc/inc/allow-perl.inc | 1 | ||||
-rw-r--r-- | etc/inc/disable-interpreters.inc | 3 |
4 files changed, 7 insertions, 1 deletions
@@ -1,5 +1,5 @@ | |||
1 | firejail (0.9.65) baseline; urgency=low | 1 | firejail (0.9.65) baseline; urgency=low |
2 | * allow --tmpfs inside $HOME for unprivileged users | 2 | * allow --tmpfs and --bind inside $HOME for unprivileged users |
3 | 3 | ||
4 | firejail (0.9.64) baseline; urgency=low | 4 | firejail (0.9.64) baseline; urgency=low |
5 | * replaced --nowrap option with --wrap in firemon | 5 | * replaced --nowrap option with --wrap in firemon |
diff --git a/etc/inc/allow-lua.inc b/etc/inc/allow-lua.inc index 9df8e8d32..9c47e7a3b 100644 --- a/etc/inc/allow-lua.inc +++ b/etc/inc/allow-lua.inc | |||
@@ -6,5 +6,7 @@ noblacklist ${PATH}/lua* | |||
6 | noblacklist /usr/include | 6 | noblacklist /usr/include |
7 | noblacklist /usr/lib/liblua* | 7 | noblacklist /usr/lib/liblua* |
8 | noblacklist /usr/lib/lua | 8 | noblacklist /usr/lib/lua |
9 | noblacklist /usr/lib64/liblua* | ||
10 | noblacklist /usr/lib64/lua | ||
9 | noblacklist /usr/share/lua | 11 | noblacklist /usr/share/lua |
10 | noblacklist /usr/share/lua* | 12 | noblacklist /usr/share/lua* |
diff --git a/etc/inc/allow-perl.inc b/etc/inc/allow-perl.inc index f44e1e3cc..5a1952c94 100644 --- a/etc/inc/allow-perl.inc +++ b/etc/inc/allow-perl.inc | |||
@@ -8,4 +8,5 @@ noblacklist ${PATH}/perl | |||
8 | noblacklist ${PATH}/site_perl | 8 | noblacklist ${PATH}/site_perl |
9 | noblacklist ${PATH}/vendor_perl | 9 | noblacklist ${PATH}/vendor_perl |
10 | noblacklist /usr/lib/perl* | 10 | noblacklist /usr/lib/perl* |
11 | noblacklist /usr/lib64/perl* | ||
11 | noblacklist /usr/share/perl* | 12 | noblacklist /usr/share/perl* |
diff --git a/etc/inc/disable-interpreters.inc b/etc/inc/disable-interpreters.inc index 59e9c7de3..4f6f71098 100644 --- a/etc/inc/disable-interpreters.inc +++ b/etc/inc/disable-interpreters.inc | |||
@@ -15,6 +15,8 @@ blacklist ${PATH}/lua* | |||
15 | blacklist /usr/include/lua* | 15 | blacklist /usr/include/lua* |
16 | blacklist /usr/lib/liblua* | 16 | blacklist /usr/lib/liblua* |
17 | blacklist /usr/lib/lua | 17 | blacklist /usr/lib/lua |
18 | blacklist /usr/lib64/liblua* | ||
19 | blacklist /usr/lib64/lua | ||
18 | blacklist /usr/share/lua* | 20 | blacklist /usr/share/lua* |
19 | 21 | ||
20 | # mozjs | 22 | # mozjs |
@@ -34,6 +36,7 @@ blacklist ${PATH}/perl | |||
34 | blacklist ${PATH}/site_perl | 36 | blacklist ${PATH}/site_perl |
35 | blacklist ${PATH}/vendor_perl | 37 | blacklist ${PATH}/vendor_perl |
36 | blacklist /usr/lib/perl* | 38 | blacklist /usr/lib/perl* |
39 | blacklist /usr/lib64/perl* | ||
37 | blacklist /usr/share/perl* | 40 | blacklist /usr/share/perl* |
38 | 41 | ||
39 | # PHP | 42 | # PHP |