diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-08-12 17:25:47 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-12 17:25:47 +0000 |
commit | ca8603c09d8ec0ac05e5853485707fe9f96499f2 (patch) | |
tree | 471d82126371961f7b95c15482369062d8c4e68d /etc/inc | |
parent | Create disable-X11.inc (#4462) (diff) | |
download | firejail-ca8603c09d8ec0ac05e5853485707fe9f96499f2.tar.gz firejail-ca8603c09d8ec0ac05e5853485707fe9f96499f2.tar.zst firejail-ca8603c09d8ec0ac05e5853485707fe9f96499f2.zip |
Move disable-passwordmgr.inc into disable-common.inc/disable-programs.inc (#4461)
See #4454
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/disable-common.inc | 12 | ||||
-rw-r--r-- | etc/inc/disable-passwdmgr.inc | 31 | ||||
-rw-r--r-- | etc/inc/disable-programs.inc | 13 |
3 files changed, 25 insertions, 31 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 4efdaba2d..a9dd4921f 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -431,6 +431,18 @@ blacklist ${HOME}/.ssh | |||
431 | blacklist ${HOME}/.vaults | 431 | blacklist ${HOME}/.vaults |
432 | blacklist /var/backup | 432 | blacklist /var/backup |
433 | 433 | ||
434 | # Remove environment variables with auth tokens. | ||
435 | # Note however that the sandbox might still have access to the | ||
436 | # files where these variables are set. | ||
437 | rmenv GH_TOKEN | ||
438 | rmenv GITHUB_TOKEN | ||
439 | rmenv GH_ENTERPRISE_TOKEN | ||
440 | rmenv GITHUB_ENTERPRISE_TOKEN | ||
441 | rmenv CARGO_REGISTRY_TOKEN | ||
442 | rmenv RESTIC_KEY_HINT | ||
443 | rmenv RESTIC_PASSWORD_COMMAND | ||
444 | rmenv RESTIC_PASSWORD_FILE | ||
445 | |||
434 | # cloud provider configuration | 446 | # cloud provider configuration |
435 | blacklist ${HOME}/.aws | 447 | blacklist ${HOME}/.aws |
436 | blacklist ${HOME}/.boto | 448 | blacklist ${HOME}/.boto |
diff --git a/etc/inc/disable-passwdmgr.inc b/etc/inc/disable-passwdmgr.inc deleted file mode 100644 index 080887a1b..000000000 --- a/etc/inc/disable-passwdmgr.inc +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include disable-passwdmgr.local | ||
4 | |||
5 | blacklist ${HOME}/.config/Bitwarden | ||
6 | blacklist ${HOME}/.config/KeePass | ||
7 | blacklist ${HOME}/.config/keepass | ||
8 | blacklist ${HOME}/.config/keepassx | ||
9 | blacklist ${HOME}/.config/keepassxc | ||
10 | blacklist ${HOME}/.config/KeePassXCrc | ||
11 | blacklist ${HOME}/.config/Sinew Software Systems | ||
12 | blacklist ${HOME}/.fpm | ||
13 | blacklist ${HOME}/.keepass | ||
14 | blacklist ${HOME}/.keepassx | ||
15 | blacklist ${HOME}/.keepassxc | ||
16 | blacklist ${HOME}/.lastpass | ||
17 | blacklist ${HOME}/.local/share/KeePass | ||
18 | blacklist ${HOME}/.local/share/keepass | ||
19 | blacklist ${HOME}/.password-store | ||
20 | |||
21 | # Remove environment variables with auth tokens. | ||
22 | # Note however that the sandbox might still have access to the | ||
23 | # files where these variables are set. | ||
24 | rmenv GH_TOKEN | ||
25 | rmenv GITHUB_TOKEN | ||
26 | rmenv GH_ENTERPRISE_TOKEN | ||
27 | rmenv GITHUB_ENTERPRISE_TOKEN | ||
28 | rmenv CARGO_REGISTRY_TOKEN | ||
29 | rmenv RESTIC_KEY_HINT | ||
30 | rmenv RESTIC_PASSWORD_COMMAND | ||
31 | rmenv RESTIC_PASSWORD_FILE | ||
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index f8a94e498..ea7c2ea82 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -94,6 +94,8 @@ blacklist ${HOME}/.config/InSilmaril | |||
94 | blacklist ${HOME}/.config/Jitsi Meet | 94 | blacklist ${HOME}/.config/Jitsi Meet |
95 | blacklist ${HOME}/.config/JetBrains/CLion* | 95 | blacklist ${HOME}/.config/JetBrains/CLion* |
96 | blacklist ${HOME}/.config/KDE/neochat | 96 | blacklist ${HOME}/.config/KDE/neochat |
97 | blacklist ${HOME}/.config/KeePass | ||
98 | blacklist ${HOME}/.config/KeePassXCrc | ||
97 | blacklist ${HOME}/.config/Kid3 | 99 | blacklist ${HOME}/.config/Kid3 |
98 | blacklist ${HOME}/.config/Kingsoft | 100 | blacklist ${HOME}/.config/Kingsoft |
99 | blacklist ${HOME}/.config/LibreCAD | 101 | blacklist ${HOME}/.config/LibreCAD |
@@ -286,6 +288,9 @@ blacklist ${HOME}/.config/kdeconnect | |||
286 | blacklist ${HOME}/.config/kdenliverc | 288 | blacklist ${HOME}/.config/kdenliverc |
287 | blacklist ${HOME}/.config/kdiff3fileitemactionrc | 289 | blacklist ${HOME}/.config/kdiff3fileitemactionrc |
288 | blacklist ${HOME}/.config/kdiff3rc | 290 | blacklist ${HOME}/.config/kdiff3rc |
291 | blacklist ${HOME}/.config/keepass | ||
292 | blacklist ${HOME}/.config/keepassx | ||
293 | blacklist ${HOME}/.config/keepassxc | ||
289 | blacklist ${HOME}/.config/kfindrc | 294 | blacklist ${HOME}/.config/kfindrc |
290 | blacklist ${HOME}/.config/kgetrc | 295 | blacklist ${HOME}/.config/kgetrc |
291 | blacklist ${HOME}/.config/kid3rc | 296 | blacklist ${HOME}/.config/kid3rc |
@@ -480,6 +485,7 @@ blacklist ${HOME}/.firedragon | |||
480 | blacklist ${HOME}/.flowblade | 485 | blacklist ${HOME}/.flowblade |
481 | blacklist ${HOME}/.fltk | 486 | blacklist ${HOME}/.fltk |
482 | blacklist ${HOME}/.fossamail | 487 | blacklist ${HOME}/.fossamail |
488 | blacklist ${HOME}/.fpm | ||
483 | blacklist ${HOME}/.freeciv | 489 | blacklist ${HOME}/.freeciv |
484 | blacklist ${HOME}/.freecol | 490 | blacklist ${HOME}/.freecol |
485 | blacklist ${HOME}/.freemind | 491 | blacklist ${HOME}/.freemind |
@@ -574,6 +580,9 @@ blacklist ${HOME}/.kde4/share/config/kopeterc | |||
574 | blacklist ${HOME}/.kde4/share/config/ktorrentrc | 580 | blacklist ${HOME}/.kde4/share/config/ktorrentrc |
575 | blacklist ${HOME}/.kde4/share/config/okularpartrc | 581 | blacklist ${HOME}/.kde4/share/config/okularpartrc |
576 | blacklist ${HOME}/.kde4/share/config/okularrc | 582 | blacklist ${HOME}/.kde4/share/config/okularrc |
583 | blacklist ${HOME}/.keepass | ||
584 | blacklist ${HOME}/.keepassx | ||
585 | blacklist ${HOME}/.keepassxc | ||
577 | blacklist ${HOME}/.killingfloor | 586 | blacklist ${HOME}/.killingfloor |
578 | blacklist ${HOME}/.kingsoft | 587 | blacklist ${HOME}/.kingsoft |
579 | blacklist ${HOME}/.kino-history | 588 | blacklist ${HOME}/.kino-history |
@@ -581,6 +590,7 @@ blacklist ${HOME}/.kinorc | |||
581 | blacklist ${HOME}/.klatexformula | 590 | blacklist ${HOME}/.klatexformula |
582 | blacklist ${HOME}/.klei | 591 | blacklist ${HOME}/.klei |
583 | blacklist ${HOME}/.kodi | 592 | blacklist ${HOME}/.kodi |
593 | blacklist ${HOME}/.lastpass | ||
584 | blacklist ${HOME}/.librewolf | 594 | blacklist ${HOME}/.librewolf |
585 | blacklist ${HOME}/.lincity-ng | 595 | blacklist ${HOME}/.lincity-ng |
586 | blacklist ${HOME}/.links | 596 | blacklist ${HOME}/.links |
@@ -600,6 +610,7 @@ blacklist ${HOME}/.local/share/Flavio Tordini | |||
600 | blacklist ${HOME}/.local/share/IntoTheBreach | 610 | blacklist ${HOME}/.local/share/IntoTheBreach |
601 | blacklist ${HOME}/.local/share/JetBrains | 611 | blacklist ${HOME}/.local/share/JetBrains |
602 | blacklist ${HOME}/.local/share/KDE/neochat | 612 | blacklist ${HOME}/.local/share/KDE/neochat |
613 | blacklist ${HOME}/.local/share/KeePass | ||
603 | blacklist ${HOME}/.local/share/Kingsoft | 614 | blacklist ${HOME}/.local/share/Kingsoft |
604 | blacklist ${HOME}/.local/share/LibreCAD | 615 | blacklist ${HOME}/.local/share/LibreCAD |
605 | blacklist ${HOME}/.local/share/Mendeley Ltd. | 616 | blacklist ${HOME}/.local/share/Mendeley Ltd. |
@@ -693,6 +704,7 @@ blacklist ${HOME}/.local/share/kaffeine | |||
693 | blacklist ${HOME}/.local/share/kalgebra | 704 | blacklist ${HOME}/.local/share/kalgebra |
694 | blacklist ${HOME}/.local/share/kate | 705 | blacklist ${HOME}/.local/share/kate |
695 | blacklist ${HOME}/.local/share/kdenlive | 706 | blacklist ${HOME}/.local/share/kdenlive |
707 | blacklist ${HOME}/.local/share/keepass | ||
696 | blacklist ${HOME}/.local/share/kget | 708 | blacklist ${HOME}/.local/share/kget |
697 | blacklist ${HOME}/.local/share/kiwix | 709 | blacklist ${HOME}/.local/share/kiwix |
698 | blacklist ${HOME}/.local/share/kiwix-desktop | 710 | blacklist ${HOME}/.local/share/kiwix-desktop |
@@ -825,6 +837,7 @@ blacklist ${HOME}/.opera-beta | |||
825 | blacklist ${HOME}/.ostrichriders | 837 | blacklist ${HOME}/.ostrichriders |
826 | blacklist ${HOME}/.paradoxinteractive | 838 | blacklist ${HOME}/.paradoxinteractive |
827 | blacklist ${HOME}/.parallelrealities/blobwars | 839 | blacklist ${HOME}/.parallelrealities/blobwars |
840 | blacklist ${HOME}/.password-store | ||
828 | blacklist ${HOME}/.pcsxr | 841 | blacklist ${HOME}/.pcsxr |
829 | blacklist ${HOME}/.penguin-command | 842 | blacklist ${HOME}/.penguin-command |
830 | blacklist ${HOME}/.pine-crash | 843 | blacklist ${HOME}/.pine-crash |