diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-03-24 14:47:17 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-03-24 20:10:06 -0300 |
commit | d1336c9927d7f88fc939c2b7a319655cdd898240 (patch) | |
tree | fd5bc9a4c7d6d690bfc17ded100c48f3e2c197be /etc/inc/disable-programs.inc | |
parent | disable-common.inc: make ~/Applications dir read-only (diff) | |
download | firejail-d1336c9927d7f88fc939c2b7a319655cdd898240.tar.gz firejail-d1336c9927d7f88fc939c2b7a319655cdd898240.tar.zst firejail-d1336c9927d7f88fc939c2b7a319655cdd898240.zip |
disable-programs.inc: blacklist ~/Applications dir
It is used for storing AppImages.
Note that even when blacklisting a directory, it is possible to execute
an AppImage from it. For example, the following works:
firejail --noprofile --blacklist='${HOME}/Applications' --appimage \
~/Applications/foo.AppImage
While the resulting process does not appear to have access to the
blacklisted directory.
Diffstat (limited to 'etc/inc/disable-programs.inc')
-rw-r--r-- | etc/inc/disable-programs.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index efe1b2572..558ae2446 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -1144,6 +1144,7 @@ blacklist ${HOME}/.yarn-config | |||
1144 | blacklist ${HOME}/.yarncache | 1144 | blacklist ${HOME}/.yarncache |
1145 | blacklist ${HOME}/.yarnrc | 1145 | blacklist ${HOME}/.yarnrc |
1146 | blacklist ${HOME}/.zoom | 1146 | blacklist ${HOME}/.zoom |
1147 | blacklist ${HOME}/Applications # used for storing AppImages | ||
1147 | blacklist ${HOME}/Arduino | 1148 | blacklist ${HOME}/Arduino |
1148 | blacklist ${HOME}/Monero/wallets | 1149 | blacklist ${HOME}/Monero/wallets |
1149 | blacklist ${HOME}/Nextcloud | 1150 | blacklist ${HOME}/Nextcloud |