diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-05-02 17:58:02 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-02 17:58:02 +0000 |
commit | 49280197ccf830b708b1b7c4d6fb8b3590f44da2 (patch) | |
tree | 76ae21d4faa96a2970738aedc693b6b9ed3183c8 /etc/inc/disable-programs.inc | |
parent | fixes for zeal.profile (diff) | |
download | firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.tar.gz firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.tar.zst firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.zip |
various hardening (#3394)
Diffstat (limited to 'etc/inc/disable-programs.inc')
-rw-r--r-- | etc/inc/disable-programs.inc | 30 |
1 files changed, 28 insertions, 2 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 9e6af8785..89189b533 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -54,8 +54,13 @@ blacklist ${HOME}/.bibletime | |||
54 | blacklist ${HOME}/.bitcoin | 54 | blacklist ${HOME}/.bitcoin |
55 | blacklist ${HOME}/.bogofilter | 55 | blacklist ${HOME}/.bogofilter |
56 | blacklist ${HOME}/.bzf | 56 | blacklist ${HOME}/.bzf |
57 | blacklist ${HOME}/.cargo/registry | 57 | blacklist ${HOME}/.cargo/advisory-db |
58 | blacklist ${HOME}/.cargo/config | 58 | blacklist ${HOME}/.cargo/config |
59 | blacklist ${HOME}/.cargo/git | ||
60 | blacklist ${HOME}/.cargo/registry | ||
61 | blacklist ${HOME}/.cargo/.crates.toml | ||
62 | blacklist ${HOME}/.cargo/.crates2.json | ||
63 | blacklist ${HOME}/.cargo/.package-cache | ||
59 | blacklist ${HOME}/.claws-mail | 64 | blacklist ${HOME}/.claws-mail |
60 | blacklist ${HOME}/.cliqz | 65 | blacklist ${HOME}/.cliqz |
61 | blacklist ${HOME}/.clonk | 66 | blacklist ${HOME}/.clonk |
@@ -75,6 +80,7 @@ blacklist ${HOME}/.config/Code - OSS | |||
75 | blacklist ${HOME}/.config/Code Industry | 80 | blacklist ${HOME}/.config/Code Industry |
76 | blacklist ${HOME}/.config/Cryptocat | 81 | blacklist ${HOME}/.config/Cryptocat |
77 | blacklist ${HOME}/.config/Debauchee/Barrier.conf | 82 | blacklist ${HOME}/.config/Debauchee/Barrier.conf |
83 | blacklist ${HOME}/.config/Dharkael | ||
78 | blacklist ${HOME}/.config/Enox | 84 | blacklist ${HOME}/.config/Enox |
79 | blacklist ${HOME}/.config/Ferdi | 85 | blacklist ${HOME}/.config/Ferdi |
80 | blacklist ${HOME}/.config/Franz | 86 | blacklist ${HOME}/.config/Franz |
@@ -118,6 +124,7 @@ blacklist ${HOME}/.config/Slack | |||
118 | blacklist ${HOME}/.config/Standard Notes | 124 | blacklist ${HOME}/.config/Standard Notes |
119 | blacklist ${HOME}/.config/SubDownloader | 125 | blacklist ${HOME}/.config/SubDownloader |
120 | blacklist ${HOME}/.config/Thunar | 126 | blacklist ${HOME}/.config/Thunar |
127 | blacklist ${HOME}/.config/Unknown Organization | ||
121 | blacklist ${HOME}/.config/VirtualBox | 128 | blacklist ${HOME}/.config/VirtualBox |
122 | blacklist ${HOME}/.config/Wire | 129 | blacklist ${HOME}/.config/Wire |
123 | blacklist ${HOME}/.config/Zeal | 130 | blacklist ${HOME}/.config/Zeal |
@@ -125,6 +132,7 @@ blacklist ${HOME}/.config/abiword | |||
125 | blacklist ${HOME}/.config/agenda | 132 | blacklist ${HOME}/.config/agenda |
126 | blacklist ${HOME}/.config/akonadi* | 133 | blacklist ${HOME}/.config/akonadi* |
127 | blacklist ${HOME}/.config/akregatorrc | 134 | blacklist ${HOME}/.config/akregatorrc |
135 | blacklist ${HOME}/.config/alacritty | ||
128 | blacklist ${HOME}/.config/ardour4 | 136 | blacklist ${HOME}/.config/ardour4 |
129 | blacklist ${HOME}/.config/ardour5 | 137 | blacklist ${HOME}/.config/ardour5 |
130 | blacklist ${HOME}/.config/aria2 | 138 | blacklist ${HOME}/.config/aria2 |
@@ -136,6 +144,7 @@ blacklist ${HOME}/.config/atril | |||
136 | blacklist ${HOME}/.config/audacious | 144 | blacklist ${HOME}/.config/audacious |
137 | blacklist ${HOME}/.config/autokey | 145 | blacklist ${HOME}/.config/autokey |
138 | blacklist ${HOME}/.config/aweather | 146 | blacklist ${HOME}/.config/aweather |
147 | blacklist ${HOME}/.config/backintime | ||
139 | blacklist ${HOME}/.config/baloofilerc | 148 | blacklist ${HOME}/.config/baloofilerc |
140 | blacklist ${HOME}/.config/baloorc | 149 | blacklist ${HOME}/.config/baloorc |
141 | blacklist ${HOME}/.config/blender | 150 | blacklist ${HOME}/.config/blender |
@@ -195,14 +204,18 @@ blacklist ${HOME}/.config/geeqie | |||
195 | blacklist ${HOME}/.config/ghb | 204 | blacklist ${HOME}/.config/ghb |
196 | blacklist ${HOME}/.config/ghostwriter | 205 | blacklist ${HOME}/.config/ghostwriter |
197 | blacklist ${HOME}/.config/git | 206 | blacklist ${HOME}/.config/git |
207 | blacklist ${HOME}/.config/glade.conf | ||
198 | blacklist ${HOME}/.config/globaltime | 208 | blacklist ${HOME}/.config/globaltime |
199 | blacklist ${HOME}/.config/gmpc | 209 | blacklist ${HOME}/.config/gmpc |
200 | blacklist ${HOME}/.config/gnome-builder | 210 | blacklist ${HOME}/.config/gnome-builder |
201 | blacklist ${HOME}/.config/gnome-chess | 211 | blacklist ${HOME}/.config/gnome-chess |
212 | blacklist ${HOME}/.config/gnome-control-center | ||
213 | blacklist ${HOME}/.config/gnome-initial-setup-done | ||
202 | blacklist ${HOME}/.config/gnome-latex | 214 | blacklist ${HOME}/.config/gnome-latex |
203 | blacklist ${HOME}/.config/gnome-mplayer | 215 | blacklist ${HOME}/.config/gnome-mplayer |
204 | blacklist ${HOME}/.config/gnome-mpv | 216 | blacklist ${HOME}/.config/gnome-mpv |
205 | blacklist ${HOME}/.config/gnome-pie | 217 | blacklist ${HOME}/.config/gnome-pie |
218 | blacklist ${HOME}/.config/gnome-session | ||
206 | blacklist ${HOME}/.config/godot | 219 | blacklist ${HOME}/.config/godot |
207 | blacklist ${HOME}/.config/google-chrome | 220 | blacklist ${HOME}/.config/google-chrome |
208 | blacklist ${HOME}/.config/google-chrome-beta | 221 | blacklist ${HOME}/.config/google-chrome-beta |
@@ -255,6 +268,7 @@ blacklist ${HOME}/.config/mate/eom | |||
255 | blacklist ${HOME}/.config/mate/mate-dictionary | 268 | blacklist ${HOME}/.config/mate/mate-dictionary |
256 | blacklist ${HOME}/.config/meld | 269 | blacklist ${HOME}/.config/meld |
257 | blacklist ${HOME}/.config/meteo-qt | 270 | blacklist ${HOME}/.config/meteo-qt |
271 | blacklist ${HOME}/.config/menulibre.cfg | ||
258 | blacklist ${HOME}/.config/mfusion | 272 | blacklist ${HOME}/.config/mfusion |
259 | blacklist ${HOME}/.config/Microsoft | 273 | blacklist ${HOME}/.config/Microsoft |
260 | blacklist ${HOME}/.config/midori | 274 | blacklist ${HOME}/.config/midori |
@@ -264,6 +278,7 @@ blacklist ${HOME}/.config/mpd | |||
264 | blacklist ${HOME}/.config/mps-youtube | 278 | blacklist ${HOME}/.config/mps-youtube |
265 | blacklist ${HOME}/.config/mpv | 279 | blacklist ${HOME}/.config/mpv |
266 | blacklist ${HOME}/.config/mupen64plus | 280 | blacklist ${HOME}/.config/mupen64plus |
281 | blacklist ${HOME}/.config/mutter | ||
267 | blacklist ${HOME}/.config/mypaint | 282 | blacklist ${HOME}/.config/mypaint |
268 | blacklist ${HOME}/.config/nano | 283 | blacklist ${HOME}/.config/nano |
269 | blacklist ${HOME}/.config/nautilus | 284 | blacklist ${HOME}/.config/nautilus |
@@ -362,6 +377,7 @@ blacklist ${HOME}/.config/zoomus.conf | |||
362 | blacklist ${HOME}/.config/Zulip | 377 | blacklist ${HOME}/.config/Zulip |
363 | blacklist ${HOME}/.conkeror.mozdev.org | 378 | blacklist ${HOME}/.conkeror.mozdev.org |
364 | blacklist ${HOME}/.crawl | 379 | blacklist ${HOME}/.crawl |
380 | blacklist ${HOME}/.cups | ||
365 | blacklist ${HOME}/.curlrc | 381 | blacklist ${HOME}/.curlrc |
366 | blacklist ${HOME}/.dashcore | 382 | blacklist ${HOME}/.dashcore |
367 | blacklist ${HOME}/.devilspie | 383 | blacklist ${HOME}/.devilspie |
@@ -400,6 +416,7 @@ blacklist ${HOME}/.gradle | |||
400 | blacklist ${HOME}/.gramps | 416 | blacklist ${HOME}/.gramps |
401 | blacklist ${HOME}/.guayadeque | 417 | blacklist ${HOME}/.guayadeque |
402 | blacklist ${HOME}/.hashcat | 418 | blacklist ${HOME}/.hashcat |
419 | blacklist ${HOME}/.hex-a-hop | ||
403 | blacklist ${HOME}/.hedgewars | 420 | blacklist ${HOME}/.hedgewars |
404 | blacklist ${HOME}/.hugin | 421 | blacklist ${HOME}/.hugin |
405 | blacklist ${HOME}/.i2p | 422 | blacklist ${HOME}/.i2p |
@@ -515,6 +532,7 @@ blacklist ${HOME}/.local/share/agenda | |||
515 | blacklist ${HOME}/.local/share/apps/korganizer | 532 | blacklist ${HOME}/.local/share/apps/korganizer |
516 | blacklist ${HOME}/.local/share/aspyr-media | 533 | blacklist ${HOME}/.local/share/aspyr-media |
517 | blacklist ${HOME}/.local/share/autokey | 534 | blacklist ${HOME}/.local/share/autokey |
535 | blacklist ${HOME}/.local/share/backintime | ||
518 | blacklist ${HOME}/.local/share/baloo | 536 | blacklist ${HOME}/.local/share/baloo |
519 | blacklist ${HOME}/.local/share/barrier | 537 | blacklist ${HOME}/.local/share/barrier |
520 | blacklist ${HOME}/.local/share/bibletime | 538 | blacklist ${HOME}/.local/share/bibletime |
@@ -545,8 +563,9 @@ blacklist ${HOME}/.local/share/geeqie | |||
545 | blacklist ${HOME}/.local/share/ghostwriter | 563 | blacklist ${HOME}/.local/share/ghostwriter |
546 | blacklist ${HOME}/.local/share/gitg | 564 | blacklist ${HOME}/.local/share/gitg |
547 | blacklist ${HOME}/.local/share/gnome-2048 | 565 | blacklist ${HOME}/.local/share/gnome-2048 |
548 | blacklist ${HOME}/.local/share/gnome-chess | 566 | blacklist ${HOME}/.local/share/gnome-boxes |
549 | blacklist ${HOME}/.local/share/gnome-builder | 567 | blacklist ${HOME}/.local/share/gnome-builder |
568 | blacklist ${HOME}/.local/share/gnome-chess | ||
550 | blacklist ${HOME}/.local/share/gnome-klotski | 569 | blacklist ${HOME}/.local/share/gnome-klotski |
551 | blacklist ${HOME}/.local/share/gnome-latex | 570 | blacklist ${HOME}/.local/share/gnome-latex |
552 | blacklist ${HOME}/.local/share/gnome-mines | 571 | blacklist ${HOME}/.local/share/gnome-mines |
@@ -672,6 +691,7 @@ blacklist ${HOME}/.penguin-command | |||
672 | blacklist ${HOME}/.pingus | 691 | blacklist ${HOME}/.pingus |
673 | blacklist ${HOME}/.pioneer | 692 | blacklist ${HOME}/.pioneer |
674 | blacklist ${HOME}/.purple | 693 | blacklist ${HOME}/.purple |
694 | blacklist ${HOME}/.pylint.d | ||
675 | blacklist ${HOME}/.qemu-launcher | 695 | blacklist ${HOME}/.qemu-launcher |
676 | blacklist ${HOME}/.qgis2 | 696 | blacklist ${HOME}/.qgis2 |
677 | blacklist ${HOME}/.qmmp | 697 | blacklist ${HOME}/.qmmp |
@@ -702,6 +722,7 @@ blacklist ${HOME}/.config/teams-for-linux | |||
702 | blacklist ${HOME}/.tb | 722 | blacklist ${HOME}/.tb |
703 | blacklist ${HOME}/.tconn | 723 | blacklist ${HOME}/.tconn |
704 | blacklist ${HOME}/.teeworlds | 724 | blacklist ${HOME}/.teeworlds |
725 | blacklist ${HOME}/.texlive2018 | ||
705 | blacklist ${HOME}/.thunderbird | 726 | blacklist ${HOME}/.thunderbird |
706 | blacklist ${HOME}/.tilp | 727 | blacklist ${HOME}/.tilp |
707 | blacklist ${HOME}/.tooling | 728 | blacklist ${HOME}/.tooling |
@@ -779,6 +800,7 @@ blacklist ${HOME}/.cache/chromium-dev | |||
779 | blacklist ${HOME}/.cache/cliqz | 800 | blacklist ${HOME}/.cache/cliqz |
780 | blacklist ${HOME}/.cache/com.github.johnfactotum.Foliate | 801 | blacklist ${HOME}/.cache/com.github.johnfactotum.Foliate |
781 | blacklist ${HOME}/.cache/darktable | 802 | blacklist ${HOME}/.cache/darktable |
803 | blacklist ${HOME}/.cache/deja-dup | ||
782 | blacklist ${HOME}/.cache/discover | 804 | blacklist ${HOME}/.cache/discover |
783 | blacklist ${HOME}/.cache/dnox | 805 | blacklist ${HOME}/.cache/dnox |
784 | blacklist ${HOME}/.cache/dolphin | 806 | blacklist ${HOME}/.cache/dolphin |
@@ -795,9 +817,12 @@ blacklist ${HOME}/.cache/gegl-0.4 | |||
795 | blacklist ${HOME}/.cache/geeqie | 817 | blacklist ${HOME}/.cache/geeqie |
796 | blacklist ${HOME}/.cache/gfeeds | 818 | blacklist ${HOME}/.cache/gfeeds |
797 | blacklist ${HOME}/.cache/gimp | 819 | blacklist ${HOME}/.cache/gimp |
820 | blacklist ${HOME}/.cache/gnome-boxes | ||
798 | blacklist ${HOME}/.cache/gnome-builder | 821 | blacklist ${HOME}/.cache/gnome-builder |
822 | blacklist ${HOME}/.cache/gnome-control-center | ||
799 | blacklist ${HOME}/.cache/gnome-recipes | 823 | blacklist ${HOME}/.cache/gnome-recipes |
800 | blacklist ${HOME}/.cache/gnome-screenshot | 824 | blacklist ${HOME}/.cache/gnome-screenshot |
825 | blacklist ${HOME}/.cache/gnome-software | ||
801 | blacklist ${HOME}/.cache/gnome-twitch | 826 | blacklist ${HOME}/.cache/gnome-twitch |
802 | blacklist ${HOME}/.cache/godot | 827 | blacklist ${HOME}/.cache/godot |
803 | blacklist ${HOME}/.cache/google-chrome | 828 | blacklist ${HOME}/.cache/google-chrome |
@@ -848,6 +873,7 @@ blacklist ${HOME}/.cache/org.gnome.Books | |||
848 | blacklist ${HOME}/.cache/org.gnome.Maps | 873 | blacklist ${HOME}/.cache/org.gnome.Maps |
849 | blacklist ${HOME}/.cache/pdfmod | 874 | blacklist ${HOME}/.cache/pdfmod |
850 | blacklist ${HOME}/.cache/peek | 875 | blacklist ${HOME}/.cache/peek |
876 | blacklist ${HOME}/.cache/pip | ||
851 | blacklist ${HOME}/.cache/plasmashell | 877 | blacklist ${HOME}/.cache/plasmashell |
852 | blacklist ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite* | 878 | blacklist ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite* |
853 | blacklist ${HOME}/.cache/qBittorrent | 879 | blacklist ${HOME}/.cache/qBittorrent |