diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-05-29 00:26:56 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-05-30 14:45:21 -0300 |
commit | 66dc2643aca9d19e3d77ad4153d2ec9684a3794f (patch) | |
tree | 3a3230e6f9dacf34f41c405ef2d7ef441ba552d3 /etc/inc/disable-common.inc | |
parent | kate.profile: add missing include comment (diff) | |
download | firejail-66dc2643aca9d19e3d77ad4153d2ec9684a3794f.tar.gz firejail-66dc2643aca9d19e3d77ad4153d2ec9684a3794f.tar.zst firejail-66dc2643aca9d19e3d77ad4153d2ec9684a3794f.zip |
disable-common.inc: move blacklist of /etc/profile.d
To disable-shell.inc.
Interactive shells can be executed from certain development-related
programs (such as IDEs) and the shells themselves are not blocked by
default, but this shell startup directory currently is. To avoid
running a shell without access to potentially needed startup files, only
blacklist /etc/profile.d when interactive shells are also blocked.
Note that /etc/profile.d should only be of concern to interactive
shells, so a profile that includes both disable-shell.inc and
allow-bin-sh.inc (which likely means that it needs access to only
non-interactive shells) should not be affected by the blacklisting.
Relates to #3411 #5159.
Diffstat (limited to 'etc/inc/disable-common.inc')
-rw-r--r-- | etc/inc/disable-common.inc | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index d08ba3646..5918ee640 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -261,7 +261,6 @@ blacklist /etc/grub* | |||
261 | blacklist /etc/kernel* | 261 | blacklist /etc/kernel* |
262 | blacklist /etc/logrotate* | 262 | blacklist /etc/logrotate* |
263 | blacklist /etc/modules* | 263 | blacklist /etc/modules* |
264 | blacklist /etc/profile.d | ||
265 | blacklist /etc/rc.local | 264 | blacklist /etc/rc.local |
266 | # rc1.d, rc2.d, ... | 265 | # rc1.d, rc2.d, ... |
267 | blacklist /etc/rc?.d | 266 | blacklist /etc/rc?.d |