diff options
author | smitsohu <smitsohu@gmail.com> | 2019-03-15 12:37:36 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-03-15 12:37:36 +0100 |
commit | 529315fe17a526eb8200e42a44b57ddffbd7a838 (patch) | |
tree | a70214750cdd46f0e6945d24a715ab19125a8244 /etc/disable-exec.inc | |
parent | ffmpegthumbnailer breaks in ranger with private-cache enabled from (#2596) (diff) | |
download | firejail-529315fe17a526eb8200e42a44b57ddffbd7a838.tar.gz firejail-529315fe17a526eb8200e42a44b57ddffbd7a838.tar.zst firejail-529315fe17a526eb8200e42a44b57ddffbd7a838.zip |
profile hardening: add disable-exec.inc in more places
Diffstat (limited to 'etc/disable-exec.inc')
-rw-r--r-- | etc/disable-exec.inc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/etc/disable-exec.inc b/etc/disable-exec.inc index c535af7d4..ee3391730 100644 --- a/etc/disable-exec.inc +++ b/etc/disable-exec.inc | |||
@@ -6,6 +6,6 @@ noexec ${HOME} | |||
6 | noexec ${RUNUSER} | 6 | noexec ${RUNUSER} |
7 | noexec /dev/shm | 7 | noexec /dev/shm |
8 | noexec /tmp | 8 | noexec /tmp |
9 | # /var/tmp is noexec by default | 9 | # /var is noexec by default for unprivileged users |
10 | # just in case there is a keep-var-tmp option: | 10 | # except there is a writable-var option, so just in case: |
11 | noexec /var/tmp | 11 | noexec /var |