aboutsummaryrefslogtreecommitdiffstats
path: root/etc/disable-common.inc
diff options
context:
space:
mode:
authorLibravatar vis <vis@mailbox.org>2016-11-03 15:06:57 +0100
committerLibravatar vis <vis@mailbox.org>2016-11-03 15:06:57 +0100
commit2aafd9bd3a96b578bf423eb8faba0efe965c52d5 (patch)
tree6ab4d26a6daad1e3972a86dbdcbe67030d710883 /etc/disable-common.inc
parentImprovements for Zathura profile (diff)
parentremoved warning if --quiet is enabled (diff)
downloadfirejail-2aafd9bd3a96b578bf423eb8faba0efe965c52d5.tar.gz
firejail-2aafd9bd3a96b578bf423eb8faba0efe965c52d5.tar.zst
firejail-2aafd9bd3a96b578bf423eb8faba0efe965c52d5.zip
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'etc/disable-common.inc')
-rw-r--r--etc/disable-common.inc35
1 files changed, 27 insertions, 8 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 4f854c8d8..38a8b86d6 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -1,6 +1,7 @@
1# History files in $HOME 1# History files in $HOME
2blacklist-nolog ${HOME}/.history 2blacklist-nolog ${HOME}/.history
3blacklist-nolog ${HOME}/.*_history 3blacklist-nolog ${HOME}/.*_history
4blacklist-nolog ${HOME}/.bash_history
4blacklist ${HOME}/.local/share/systemd 5blacklist ${HOME}/.local/share/systemd
5blacklist-nolog ${HOME}/.adobe 6blacklist-nolog ${HOME}/.adobe
6blacklist-nolog ${HOME}/.macromedia 7blacklist-nolog ${HOME}/.macromedia
@@ -23,6 +24,7 @@ blacklist ${HOME}/.config/openbox/autostart
23blacklist ${HOME}/.config/openbox/environment 24blacklist ${HOME}/.config/openbox/environment
24blacklist ${HOME}/.gnomerc 25blacklist ${HOME}/.gnomerc
25blacklist /etc/X11/Xsession.d/ 26blacklist /etc/X11/Xsession.d/
27blacklist ${HOME}/.xpra
26 28
27# VirtualBox 29# VirtualBox
28blacklist ${HOME}/.VirtualBox 30blacklist ${HOME}/.VirtualBox
@@ -96,9 +98,6 @@ read-only ${HOME}/.emacs.d
96read-only ${HOME}/.nano 98read-only ${HOME}/.nano
97read-only ${HOME}/.tmux.conf 99read-only ${HOME}/.tmux.conf
98read-only ${HOME}/.iscreenrc 100read-only ${HOME}/.iscreenrc
99read-only ${HOME}/.muttrc
100read-only ${HOME}/.mutt/muttrc
101read-only ${HOME}/.msmtprc
102read-only ${HOME}/.reportbugrc 101read-only ${HOME}/.reportbugrc
103read-only ${HOME}/.xmonad 102read-only ${HOME}/.xmonad
104read-only ${HOME}/.xscreensaver 103read-only ${HOME}/.xscreensaver
@@ -137,6 +136,11 @@ blacklist /etc/gshadow+
137blacklist /etc/ssh 136blacklist /etc/ssh
138blacklist /var/backup 137blacklist /var/backup
139 138
139# system directories
140blacklist /sbin
141blacklist /usr/sbin
142blacklist /usr/local/sbin
143
140# system management 144# system management
141blacklist ${PATH}/umount 145blacklist ${PATH}/umount
142blacklist ${PATH}/mount 146blacklist ${PATH}/mount
@@ -149,11 +153,22 @@ blacklist ${PATH}/xev
149blacklist ${PATH}/strace 153blacklist ${PATH}/strace
150blacklist ${PATH}/nc 154blacklist ${PATH}/nc
151blacklist ${PATH}/ncat 155blacklist ${PATH}/ncat
152 156blacklist ${PATH}/gpasswd
153# system directories 157blacklist ${PATH}/newgidmap
154blacklist /sbin 158blacklist ${PATH}/newgrp
155blacklist /usr/sbin 159blacklist ${PATH}/newuidmap
156blacklist /usr/local/sbin 160blacklist ${PATH}/pkexec
161blacklist ${PATH}/sg
162blacklist ${PATH}/rsh
163blacklist ${PATH}/rlogin
164blacklist ${PATH}/rcp
165blacklist ${PATH}/crontab
166blacklist ${PATH}/ksu
167blacklist ${PATH}/chsh
168blacklist ${PATH}/chfn
169blacklist ${PATH}/chage
170blacklist ${PATH}/expiry
171blacklist ${PATH}/unix_chkpwd
157 172
158# prevent lxterminal connecting to an existing lxterminal session 173# prevent lxterminal connecting to an existing lxterminal session
159blacklist /tmp/.lxterminal-socket* 174blacklist /tmp/.lxterminal-socket*
@@ -172,3 +187,7 @@ blacklist ${PATH}/roxterm-config
172blacklist ${PATH}/terminix 187blacklist ${PATH}/terminix
173blacklist ${PATH}/urxvtc 188blacklist ${PATH}/urxvtc
174blacklist ${PATH}/urxvtcd 189blacklist ${PATH}/urxvtcd
190
191# kernel files
192blacklist /vmlinuz*
193blacklist /initrd*
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-08-12 09:04:31 +0000