diff options
| author |  The Fox in the Shell <KellerFuchs@hashbang.sh> | 2017-01-12 00:21:52 +0100 |
|---|---|---|
| committer | The Fox in the Shell <KellerFuchs@hashbang.sh> | 2017-01-12 00:21:52 +0100 |
| commit | cbb8417abad24234979c6ade8ef87f764b2ad791 (patch) | |
| tree | cfec71839449065c4cd523552e5ee9099a75f355 /etc/disable-common.inc | |
| parent | disable-common: Make directories commonly found in $PATH read-only (diff) | |
| download | firejail-cbb8417abad24234979c6ade8ef87f764b2ad791.tar.gz firejail-cbb8417abad24234979c6ade8ef87f764b2ad791.tar.zst firejail-cbb8417abad24234979c6ade8ef87f764b2ad791.zip | |
disable-common: Make ~/.local read-only
Diffstat (limited to 'etc/disable-common.inc')
| -rw-r--r-- | etc/disable-common.inc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 78698782b..184885c7f 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
| @@ -123,6 +123,11 @@ read-only ${HOME}/.gem | |||
| 123 | read-only ${HOME}/.luarocks | 123 | read-only ${HOME}/.luarocks |
| 124 | read-only ${HOME}/.npm-packages | 124 | read-only ${HOME}/.npm-packages |
| 125 | 125 | ||
| 126 | # Make the contents of ~/.local read-only, | ||
| 127 | # except the commonly-used ~/.local/share | ||
| 128 | read-only ${HOME}/.local | ||
| 129 | read-write ${HOME}/.local/share | ||
| 130 | |||
| 126 | # top secret | 131 | # top secret |
| 127 | blacklist ${HOME}/.ecryptfs | 132 | blacklist ${HOME}/.ecryptfs |
| 128 | blacklist ${HOME}/.Private | 133 | blacklist ${HOME}/.Private |