diff options
author | netblue30 <netblue30@protonmail.com> | 2020-12-12 12:14:22 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-12 12:14:22 -0500 |
commit | c1b461e4f9d5c16fedd23dee69bd9c47fc8ad5fb (patch) | |
tree | 58ce1c42c3bb7f68e5effb0f82c6daf4b49e9f60 /etc/inc/disable-common.inc | |
parent | curl HSTS cache support (#3813) (diff) | |
parent | disable-common.inc: blacklist ldns tools (diff) | |
download | firejail-c1b461e4f9d5c16fedd23dee69bd9c47fc8ad5fb.tar.gz firejail-c1b461e4f9d5c16fedd23dee69bd9c47fc8ad5fb.tar.zst firejail-c1b461e4f9d5c16fedd23dee69bd9c47fc8ad5fb.zip |
Merge pull request #3810 from kmk3/dc-add-ldns
Dc add ldns
Diffstat (limited to 'etc/inc/disable-common.inc')
-rw-r--r-- | etc/inc/disable-common.inc | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index bf40457a2..2b56bb5be 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -515,18 +515,21 @@ blacklist /proc/config.gz | |||
515 | # prevent DNS malware attempting to communicate with the server | 515 | # prevent DNS malware attempting to communicate with the server |
516 | # using regular DNS tools | 516 | # using regular DNS tools |
517 | blacklist ${PATH}/dig | 517 | blacklist ${PATH}/dig |
518 | blacklist ${PATH}/kdig | ||
519 | blacklist ${PATH}/nslookup | ||
520 | blacklist ${PATH}/host | ||
521 | blacklist ${PATH}/dlint | 518 | blacklist ${PATH}/dlint |
522 | blacklist ${PATH}/dnswalk | ||
523 | blacklist ${PATH}/dns2tcp | 519 | blacklist ${PATH}/dns2tcp |
520 | blacklist ${PATH}/dnswalk | ||
521 | blacklist ${PATH}/drill | ||
522 | blacklist ${PATH}/host | ||
524 | blacklist ${PATH}/iodine | 523 | blacklist ${PATH}/iodine |
524 | blacklist ${PATH}/kdig | ||
525 | blacklist ${PATH}/knsupdate | 525 | blacklist ${PATH}/knsupdate |
526 | blacklist ${PATH}/ldns-* | ||
527 | blacklist ${PATH}/ldnsd | ||
528 | blacklist ${PATH}/nslookup | ||
526 | blacklist ${PATH}/resolvectl | 529 | blacklist ${PATH}/resolvectl |
527 | 530 | ||
528 | # rest of ${RUNUSER} | 531 | # rest of ${RUNUSER} |
529 | blacklist ${RUNUSER}/*.lock | 532 | blacklist ${RUNUSER}/*.lock |
530 | blacklist ${RUNUSER}/inaccessible | 533 | blacklist ${RUNUSER}/inaccessible |
531 | blacklist ${RUNUSER}/update-notifier.pid | ||
532 | blacklist ${RUNUSER}/pk-debconf-socket | 534 | blacklist ${RUNUSER}/pk-debconf-socket |
535 | blacklist ${RUNUSER}/update-notifier.pid | ||