disable-common.inc: add missing dns tools (#3828)

Add the missing binaries in the DNS section, as suggested by @glitsj16: https://github.com/netblue30/firejail/pull/3810#issuecomment-742920539 Packages and their relevant binaries: * bind: dnssec-* * knot: khost * unbound: unbound-host
author: Kelvin <kmk3.code@protonmail.com> 2020-12-20 00:03:33 +0000
committer: GitHub <noreply@github.com> 2020-12-20 00:03:33 +0000
commit: 508dc3ae991e6f0418eaf42babaf5de6db4f7cd9 (patch)
tree: 7db2bc3a58e13eaae3e4df294abf0888ed3f8c8b
parent: archivers: limiting file system access (#3834) (diff)
download: firejail-508dc3ae991e6f0418eaf42babaf5de6db4f7cd9.tar.gz
firejail-508dc3ae991e6f0418eaf42babaf5de6db4f7cd9.tar.zst
firejail-508dc3ae991e6f0418eaf42babaf5de6db4f7cd9.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 2b56bb5be..d88506d90 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -517,16 +517,19 @@ blacklist /proc/config.gz
 blacklist ${PATH}/dig
 blacklist ${PATH}/dlint
 blacklist ${PATH}/dns2tcp
+blacklist ${PATH}/dnssec-*
 blacklist ${PATH}/dnswalk
 blacklist ${PATH}/drill
 blacklist ${PATH}/host
 blacklist ${PATH}/iodine
 blacklist ${PATH}/kdig
+blacklist ${PATH}/khost
 blacklist ${PATH}/knsupdate
 blacklist ${PATH}/ldns-*
 blacklist ${PATH}/ldnsd
 blacklist ${PATH}/nslookup
 blacklist ${PATH}/resolvectl
+blacklist ${PATH}/unbound-host
 # rest of ${RUNUSER}
 blacklist ${RUNUSER}/*.lock
author	Kelvin <kmk3.code@protonmail.com>	2020-12-20 00:03:33 +0000
committer	GitHub <noreply@github.com>	2020-12-20 00:03:33 +0000
commit	508dc3ae991e6f0418eaf42babaf5de6db4f7cd9 (patch)
tree	7db2bc3a58e13eaae3e4df294abf0888ed3f8c8b
parent	archivers: limiting file system access (#3834) (diff)
download	firejail-508dc3ae991e6f0418eaf42babaf5de6db4f7cd9.tar.gz firejail-508dc3ae991e6f0418eaf42babaf5de6db4f7cd9.tar.zst firejail-508dc3ae991e6f0418eaf42babaf5de6db4f7cd9.zip