diff options
author | mjudtmann <mjudtmann@gmx.net> | 2015-08-17 15:20:47 +0200 |
---|---|---|
committer | mjudtmann <mjudtmann@gmx.net> | 2015-08-17 15:20:47 +0200 |
commit | b77af9bad3c0cfe18d11216c4543cf74660965f0 (patch) | |
tree | 312c777753bd2375fc61d45dbbf65d7801d4e8f9 /etc/disable-mgmt.inc | |
parent | removed mknod from default seccomp filter, some software packages are using n... (diff) | |
download | firejail-b77af9bad3c0cfe18d11216c4543cf74660965f0.tar.gz firejail-b77af9bad3c0cfe18d11216c4543cf74660965f0.tar.zst firejail-b77af9bad3c0cfe18d11216c4543cf74660965f0.zip |
Update disable-mgmt.inc
Jailed applications should not be able to change the configuration of firejail.
Diffstat (limited to 'etc/disable-mgmt.inc')
-rw-r--r-- | etc/disable-mgmt.inc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/disable-mgmt.inc b/etc/disable-mgmt.inc index f04619ea0..8cc346ae1 100644 --- a/etc/disable-mgmt.inc +++ b/etc/disable-mgmt.inc | |||
@@ -10,3 +10,7 @@ blacklist ${PATH}/su | |||
10 | blacklist ${PATH}/sudo | 10 | blacklist ${PATH}/sudo |
11 | blacklist ${PATH}/xinput | 11 | blacklist ${PATH}/xinput |
12 | blacklist ${PATH}/strace | 12 | blacklist ${PATH}/strace |
13 | |||
14 | # Prevent manipulation of firejail configuration | ||
15 | blacklist /etc/firejail | ||
16 | blacklist ${HOME}/.config/firejail | ||