diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-05-29 00:26:56 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-05-30 14:45:21 -0300 |
commit | 66dc2643aca9d19e3d77ad4153d2ec9684a3794f (patch) | |
tree | 3a3230e6f9dacf34f41c405ef2d7ef441ba552d3 /etc/inc/disable-X11.inc | |
parent | kate.profile: add missing include comment (diff) | |
download | firejail-66dc2643aca9d19e3d77ad4153d2ec9684a3794f.tar.gz firejail-66dc2643aca9d19e3d77ad4153d2ec9684a3794f.tar.zst firejail-66dc2643aca9d19e3d77ad4153d2ec9684a3794f.zip |
disable-common.inc: move blacklist of /etc/profile.d
To disable-shell.inc.
Interactive shells can be executed from certain development-related
programs (such as IDEs) and the shells themselves are not blocked by
default, but this shell startup directory currently is. To avoid
running a shell without access to potentially needed startup files, only
blacklist /etc/profile.d when interactive shells are also blocked.
Note that /etc/profile.d should only be of concern to interactive
shells, so a profile that includes both disable-shell.inc and
allow-bin-sh.inc (which likely means that it needs access to only
non-interactive shells) should not be affected by the blacklisting.
Relates to #3411 #5159.
Diffstat (limited to 'etc/inc/disable-X11.inc')
0 files changed, 0 insertions, 0 deletions