diff options
author | netblue30 <netblue30@protonmail.com> | 2021-07-05 07:23:31 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-07-05 07:23:31 -0400 |
commit | fe0f975f447d59977d90c3226cc8c623b31b20b3 (patch) | |
tree | 70897a33cde6c716e273d927d18a6be4b54c18a9 /etc/inc/disable-interpreters.inc | |
parent | deprecated whitelist=yes/no in /etc/firejail/firejail.config (diff) | |
download | firejail-fe0f975f447d59977d90c3226cc8c623b31b20b3.tar.gz firejail-fe0f975f447d59977d90c3226cc8c623b31b20b3.tar.zst firejail-fe0f975f447d59977d90c3226cc8c623b31b20b3.zip |
move whitelist/blacklist to allow/deny
Diffstat (limited to 'etc/inc/disable-interpreters.inc')
-rw-r--r-- | etc/inc/disable-interpreters.inc | 84 |
1 files changed, 42 insertions, 42 deletions
diff --git a/etc/inc/disable-interpreters.inc b/etc/inc/disable-interpreters.inc index 5d8a236fb..c77d9a490 100644 --- a/etc/inc/disable-interpreters.inc +++ b/etc/inc/disable-interpreters.inc | |||
@@ -3,66 +3,66 @@ | |||
3 | include disable-interpreters.local | 3 | include disable-interpreters.local |
4 | 4 | ||
5 | # gjs | 5 | # gjs |
6 | blacklist ${PATH}/gjs | 6 | deny ${PATH}/gjs |
7 | blacklist ${PATH}/gjs-console | 7 | deny ${PATH}/gjs-console |
8 | blacklist /usr/lib/gjs | 8 | deny /usr/lib/gjs |
9 | blacklist /usr/lib/libgjs* | 9 | deny /usr/lib/libgjs* |
10 | blacklist /usr/lib64/gjs | 10 | deny /usr/lib64/gjs |
11 | blacklist /usr/lib64/libgjs* | 11 | deny /usr/lib64/libgjs* |
12 | 12 | ||
13 | # Lua | 13 | # Lua |
14 | blacklist ${PATH}/lua* | 14 | deny ${PATH}/lua* |
15 | blacklist /usr/include/lua* | 15 | deny /usr/include/lua* |
16 | blacklist /usr/lib/liblua* | 16 | deny /usr/lib/liblua* |
17 | blacklist /usr/lib/lua | 17 | deny /usr/lib/lua |
18 | blacklist /usr/lib64/liblua* | 18 | deny /usr/lib64/liblua* |
19 | blacklist /usr/lib64/lua | 19 | deny /usr/lib64/lua |
20 | blacklist /usr/share/lua* | 20 | deny /usr/share/lua* |
21 | 21 | ||
22 | # mozjs | 22 | # mozjs |
23 | blacklist /usr/lib/libmozjs-* | 23 | deny /usr/lib/libmozjs-* |
24 | blacklist /usr/lib64/libmozjs-* | 24 | deny /usr/lib64/libmozjs-* |
25 | 25 | ||
26 | # Node.js | 26 | # Node.js |
27 | blacklist ${PATH}/node | 27 | deny ${PATH}/node |
28 | blacklist /usr/include/node | 28 | deny /usr/include/node |
29 | 29 | ||
30 | # nvm | 30 | # nvm |
31 | blacklist ${HOME}/.nvm | 31 | deny ${HOME}/.nvm |
32 | 32 | ||
33 | # Perl | 33 | # Perl |
34 | blacklist ${PATH}/core_perl | 34 | deny ${PATH}/core_perl |
35 | blacklist ${PATH}/cpan* | 35 | deny ${PATH}/cpan* |
36 | blacklist ${PATH}/perl | 36 | deny ${PATH}/perl |
37 | blacklist ${PATH}/site_perl | 37 | deny ${PATH}/site_perl |
38 | blacklist ${PATH}/vendor_perl | 38 | deny ${PATH}/vendor_perl |
39 | blacklist /usr/lib/perl* | 39 | deny /usr/lib/perl* |
40 | blacklist /usr/lib64/perl* | 40 | deny /usr/lib64/perl* |
41 | blacklist /usr/share/perl* | 41 | deny /usr/share/perl* |
42 | 42 | ||
43 | # PHP | 43 | # PHP |
44 | blacklist ${PATH}/php* | 44 | deny ${PATH}/php* |
45 | blacklist /usr/lib/php* | 45 | deny /usr/lib/php* |
46 | blacklist /usr/share/php* | 46 | deny /usr/share/php* |
47 | 47 | ||
48 | # Ruby | 48 | # Ruby |
49 | blacklist ${PATH}/ruby | 49 | deny ${PATH}/ruby |
50 | blacklist /usr/lib/ruby | 50 | deny /usr/lib/ruby |
51 | 51 | ||
52 | # Programs using python: deluge, firefox addons, filezilla, cherrytree, xchat, hexchat, libreoffice, scribus | 52 | # Programs using python: deluge, firefox addons, filezilla, cherrytree, xchat, hexchat, libreoffice, scribus |
53 | # Python 2 | 53 | # Python 2 |
54 | blacklist ${PATH}/python2* | 54 | deny ${PATH}/python2* |
55 | blacklist /usr/include/python2* | 55 | deny /usr/include/python2* |
56 | blacklist /usr/lib/python2* | 56 | deny /usr/lib/python2* |
57 | blacklist /usr/local/lib/python2* | 57 | deny /usr/local/lib/python2* |
58 | blacklist /usr/share/python2* | 58 | deny /usr/share/python2* |
59 | 59 | ||
60 | # You will want to add noblacklist for python3 stuff in the firefox and/or chromium profiles if you use the Gnome connector (see Issue #2026) | 60 | # You will want to add noblacklist for python3 stuff in the firefox and/or chromium profiles if you use the Gnome connector (see Issue #2026) |
61 | 61 | ||
62 | # Python 3 | 62 | # Python 3 |
63 | blacklist ${PATH}/python3* | 63 | deny ${PATH}/python3* |
64 | blacklist /usr/include/python3* | 64 | deny /usr/include/python3* |
65 | blacklist /usr/lib/python3* | 65 | deny /usr/lib/python3* |
66 | blacklist /usr/lib64/python3* | 66 | deny /usr/lib64/python3* |
67 | blacklist /usr/local/lib/python3* | 67 | deny /usr/local/lib/python3* |
68 | blacklist /usr/share/python3* | 68 | deny /usr/share/python3* |