diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-02 21:01:08 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-02 21:01:08 +0200 |
commit | 109b1865669ac1038454023762fb83cd0ebf6cca (patch) | |
tree | efd9bc13c2c6e7f583709e3d46f2e9fe120de9bf /etc/disable-common.inc | |
parent | many profile cleanups (2) (diff) | |
download | firejail-109b1865669ac1038454023762fb83cd0ebf6cca.tar.gz firejail-109b1865669ac1038454023762fb83cd0ebf6cca.tar.zst firejail-109b1865669ac1038454023762fb83cd0ebf6cca.zip |
many profile cleanups (3)
Diffstat (limited to 'etc/disable-common.inc')
-rw-r--r-- | etc/disable-common.inc | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 9d7a34bc5..9d9be1426 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -242,6 +242,7 @@ read-only ${HOME}/.ssh/authorized_keys | |||
242 | 242 | ||
243 | # Initialization files that allow arbitrary command execution | 243 | # Initialization files that allow arbitrary command execution |
244 | read-only ${HOME}/.caffrc | 244 | read-only ${HOME}/.caffrc |
245 | read-only ${HOME}/.cargo/env | ||
245 | read-only ${HOME}/.dotfiles | 246 | read-only ${HOME}/.dotfiles |
246 | read-only ${HOME}/.emacs | 247 | read-only ${HOME}/.emacs |
247 | read-only ${HOME}/.emacs.d | 248 | read-only ${HOME}/.emacs.d |
@@ -275,7 +276,6 @@ read-only ${HOME}/bin | |||
275 | read-only ${HOME}/.bin | 276 | read-only ${HOME}/.bin |
276 | read-only ${HOME}/.local/bin | 277 | read-only ${HOME}/.local/bin |
277 | read-only ${HOME}/.cargo/bin | 278 | read-only ${HOME}/.cargo/bin |
278 | read-only ${HOME}/.cargo/env | ||
279 | blacklist ${HOME}/.cargo/registry | 279 | blacklist ${HOME}/.cargo/registry |
280 | blacklist ${HOME}/.cargo/config | 280 | blacklist ${HOME}/.cargo/config |
281 | 281 | ||
@@ -414,3 +414,12 @@ blacklist /usr/share/flatpak | |||
414 | blacklist /var/lib/flatpak | 414 | blacklist /var/lib/flatpak |
415 | # most of the time bwrap is SUID binary | 415 | # most of the time bwrap is SUID binary |
416 | blacklist ${PATH}/bwrap | 416 | blacklist ${PATH}/bwrap |
417 | |||
418 | # mail directories used by mutt | ||
419 | blacklist ${HOME}/.Mail | ||
420 | blacklist ${HOME}/.mail | ||
421 | blacklist ${HOME}/.signature | ||
422 | blacklist ${HOME}/Mail | ||
423 | blacklist ${HOME}/mail | ||
424 | blacklist ${HOME}/postponed | ||
425 | blacklist ${HOME}/sent | ||