aboutsummaryrefslogtreecommitdiffstats
path: root/etc/inc
diff options
context:
space:
mode:
authorLibravatar Kelvin M. Klann <kmk3.code@protonmail.com>2023-10-11 07:18:04 -0300
committerLibravatar Kelvin M. Klann <kmk3.code@protonmail.com>2023-10-11 07:18:04 -0300
commit741dac237cebcf144baee5274df18741558c55c4 (patch)
tree0da7392ec3aca5ce194e890c066d4fa0c226ee1b /etc/inc
parentpavucontrol-qt: fix broken whitelisting in ${HOME} (#6045) (diff)
downloadfirejail-741dac237cebcf144baee5274df18741558c55c4.tar.gz
firejail-741dac237cebcf144baee5274df18741558c55c4.tar.zst
firejail-741dac237cebcf144baee5274df18741558c55c4.zip
disable-common.inc: sort suid section
Diffstat (limited to 'etc/inc')
-rw-r--r--etc/inc/disable-common.inc68
1 files changed, 34 insertions, 34 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 8dae97fe9..d42ec5964 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -504,6 +504,7 @@ blacklist /usr/sbin
504 504
505# system management and various SUID executables 505# system management and various SUID executables
506blacklist ${PATH}/at 506blacklist ${PATH}/at
507blacklist ${PATH}/bmon
507blacklist ${PATH}/busybox 508blacklist ${PATH}/busybox
508blacklist ${PATH}/chage 509blacklist ${PATH}/chage
509blacklist ${PATH}/chfn 510blacklist ${PATH}/chfn
@@ -512,71 +513,70 @@ blacklist ${PATH}/crontab
512blacklist ${PATH}/doas 513blacklist ${PATH}/doas
513blacklist ${PATH}/evtest 514blacklist ${PATH}/evtest
514blacklist ${PATH}/expiry 515blacklist ${PATH}/expiry
516blacklist ${PATH}/fping
517blacklist ${PATH}/fping6
515blacklist ${PATH}/fusermount 518blacklist ${PATH}/fusermount
516blacklist ${PATH}/gksu 519blacklist ${PATH}/gksu
517blacklist ${PATH}/gksudo 520blacklist ${PATH}/gksudo
518blacklist ${PATH}/gpasswd 521blacklist ${PATH}/gpasswd
522blacklist ${PATH}/hostname
523#blacklist ${PATH}/ip # breaks --ip=dhcp
519blacklist ${PATH}/kdesudo 524blacklist ${PATH}/kdesudo
520blacklist ${PATH}/ksu 525blacklist ${PATH}/ksu
521blacklist ${PATH}/mount 526blacklist ${PATH}/mount
522blacklist ${PATH}/mount.ecryptfs_private 527blacklist ${PATH}/mount.ecryptfs_private
523blacklist ${PATH}/mountpoint 528blacklist ${PATH}/mountpoint
529blacklist ${PATH}/mtr
530blacklist ${PATH}/mtr-packet
524blacklist ${PATH}/nc 531blacklist ${PATH}/nc
525blacklist ${PATH}/nc.traditional
526blacklist ${PATH}/nc.openbsd 532blacklist ${PATH}/nc.openbsd
533blacklist ${PATH}/nc.traditional
527blacklist ${PATH}/ncat 534blacklist ${PATH}/ncat
528blacklist ${PATH}/nmap 535blacklist ${PATH}/netstat
536blacklist ${PATH}/networkctl
529blacklist ${PATH}/newgidmap 537blacklist ${PATH}/newgidmap
530blacklist ${PATH}/newgrp 538blacklist ${PATH}/newgrp
531blacklist ${PATH}/newuidmap 539blacklist ${PATH}/newuidmap
540blacklist ${PATH}/nm-online
541blacklist ${PATH}/nmap
542blacklist ${PATH}/nmcli
543blacklist ${PATH}/nmtui
544blacklist ${PATH}/nmtui-connect
545blacklist ${PATH}/nmtui-edit
546blacklist ${PATH}/nmtui-hostname
532blacklist ${PATH}/ntfs-3g 547blacklist ${PATH}/ntfs-3g
548blacklist ${PATH}/passwd
549blacklist ${PATH}/physlock
533blacklist ${PATH}/pkexec 550blacklist ${PATH}/pkexec
551blacklist ${PATH}/pmount
534blacklist ${PATH}/procmail 552blacklist ${PATH}/procmail
553blacklist ${PATH}/pumount
554blacklist ${PATH}/schroot
535blacklist ${PATH}/sg 555blacklist ${PATH}/sg
556blacklist ${PATH}/slock
557blacklist ${PATH}/ss
536blacklist ${PATH}/strace 558blacklist ${PATH}/strace
537blacklist ${PATH}/su 559blacklist ${PATH}/su
538blacklist ${PATH}/sudo 560blacklist ${PATH}/sudo
561blacklist ${PATH}/suexec
539blacklist ${PATH}/tcpdump 562blacklist ${PATH}/tcpdump
563blacklist ${PATH}/traceroute
540blacklist ${PATH}/umount 564blacklist ${PATH}/umount
541blacklist ${PATH}/unix_chkpwd 565blacklist ${PATH}/unix_chkpwd
566blacklist ${PATH}/wshowkeys
542blacklist ${PATH}/xev 567blacklist ${PATH}/xev
543blacklist ${PATH}/xinput 568blacklist ${PATH}/xinput
544blacklist /usr/lib/openssh 569blacklist /usr/lib/chromium/chrome-sandbox
545blacklist /usr/lib/ssh
546blacklist /usr/libexec/openssh
547blacklist ${PATH}/passwd
548blacklist /usr/lib/xorg/Xorg.wrap
549blacklist /usr/lib/policykit-1/polkit-agent-helper-1
550blacklist /usr/lib/dbus-1.0/dbus-daemon-launch-helper 570blacklist /usr/lib/dbus-1.0/dbus-daemon-launch-helper
551blacklist /usr/lib/eject/dmcrypt-get-device 571blacklist /usr/lib/eject/dmcrypt-get-device
552blacklist /usr/lib/chromium/chrome-sandbox 572blacklist /usr/lib/openssh
553blacklist /usr/lib/opera/opera_sandbox 573blacklist /usr/lib/opera/opera_sandbox
554blacklist /usr/lib/vmware 574blacklist /usr/lib/policykit-1/polkit-agent-helper-1
555blacklist ${PATH}/suexec
556blacklist /usr/lib/squid/basic_pam_auth 575blacklist /usr/lib/squid/basic_pam_auth
557blacklist ${PATH}/slock 576blacklist /usr/lib/ssh
558blacklist ${PATH}/physlock 577blacklist /usr/lib/vmware
559blacklist ${PATH}/schroot 578blacklist /usr/lib/xorg/Xorg.wrap
560blacklist ${PATH}/wshowkeys 579blacklist /usr/libexec/openssh
561blacklist ${PATH}/pmount
562blacklist ${PATH}/pumount
563blacklist ${PATH}/bmon
564blacklist ${PATH}/fping
565blacklist ${PATH}/fping6
566blacklist ${PATH}/hostname
567#blacklist ${PATH}/ip # breaks --ip=dhcp
568blacklist ${PATH}/mtr
569blacklist ${PATH}/mtr-packet
570blacklist ${PATH}/netstat
571blacklist ${PATH}/nm-online
572blacklist ${PATH}/nmcli
573blacklist ${PATH}/nmtui
574blacklist ${PATH}/nmtui-connect
575blacklist ${PATH}/nmtui-edit
576blacklist ${PATH}/nmtui-hostname
577blacklist ${PATH}/networkctl
578blacklist ${PATH}/ss
579blacklist ${PATH}/traceroute
580# since firejail version 0.9.73 580# since firejail version 0.9.73
581blacklist ${PATH}/dpkg* 581blacklist ${PATH}/dpkg*
582blacklist ${PATH}/apt* 582blacklist ${PATH}/apt*
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 16:45:43 +0000