diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-08-04 16:29:41 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-08-04 16:33:11 +0200 |
commit | f4b36e80321379c4917c7ab9c9b3bbcfad05899f (patch) | |
tree | 47f06094fc7568a848af10ffdb1393f9083abde6 /etc/inc | |
parent | Added ~/Private blacklist (#4434) (diff) | |
download | firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.gz firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.zst firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.zip |
Profile fixes
- Fix #4157 -- [Feature] Should rmenv GitHub auth tokens
There are still more token variables from other program that should be
added.
- Fix #4093 -- darktable needs read access to liblua*
- Fix #4383 -- move noblacklist ${HOME}/.bogofilter to email-common.profile for claws-mail (and other mailers)
- Fix xournalpp.profile
- syscalls.txt: ausyscall i386 -> firejail --debug-syscalls32
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/disable-passwdmgr.inc | 8 | ||||
-rw-r--r-- | etc/inc/disable-programs.inc | 2 |
2 files changed, 10 insertions, 0 deletions
diff --git a/etc/inc/disable-passwdmgr.inc b/etc/inc/disable-passwdmgr.inc index 3ed9a1b14..5876e2763 100644 --- a/etc/inc/disable-passwdmgr.inc +++ b/etc/inc/disable-passwdmgr.inc | |||
@@ -17,3 +17,11 @@ blacklist ${HOME}/.lastpass | |||
17 | blacklist ${HOME}/.local/share/KeePass | 17 | blacklist ${HOME}/.local/share/KeePass |
18 | blacklist ${HOME}/.local/share/keepass | 18 | blacklist ${HOME}/.local/share/keepass |
19 | blacklist ${HOME}/.password-store | 19 | blacklist ${HOME}/.password-store |
20 | |||
21 | # Remove environment variables with auth tokens. | ||
22 | # Note however that the sandbox might still have access to the | ||
23 | # files where these variables are set. | ||
24 | rmenv GH_TOKEN | ||
25 | rmenv GITHUB_TOKEN | ||
26 | rmenv GH_ENTERPRISE_TOKEN | ||
27 | rmenv GITHUB_ENTERPRISE_TOKEN | ||
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index cdc5f622c..f8a94e498 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -438,6 +438,7 @@ blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml | |||
438 | blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 438 | blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
439 | blacklist ${HOME}/.config/xiaoyong | 439 | blacklist ${HOME}/.config/xiaoyong |
440 | blacklist ${HOME}/.config/xmms2 | 440 | blacklist ${HOME}/.config/xmms2 |
441 | blacklist ${HOME}/.config/xournalpp | ||
441 | blacklist ${HOME}/.config/xplayer | 442 | blacklist ${HOME}/.config/xplayer |
442 | blacklist ${HOME}/.config/xreader | 443 | blacklist ${HOME}/.config/xreader |
443 | blacklist ${HOME}/.config/xviewer | 444 | blacklist ${HOME}/.config/xviewer |
@@ -1099,6 +1100,7 @@ blacklist ${HOME}/.cache/waterfox | |||
1099 | blacklist ${HOME}/.cache/wesnoth | 1100 | blacklist ${HOME}/.cache/wesnoth |
1100 | blacklist ${HOME}/.cache/winetricks | 1101 | blacklist ${HOME}/.cache/winetricks |
1101 | blacklist ${HOME}/.cache/xmms2 | 1102 | blacklist ${HOME}/.cache/xmms2 |
1103 | blacklist ${HOME}/.cache/xournalpp | ||
1102 | blacklist ${HOME}/.cache/xreader | 1104 | blacklist ${HOME}/.cache/xreader |
1103 | blacklist ${HOME}/.cache/yandex-browser | 1105 | blacklist ${HOME}/.cache/yandex-browser |
1104 | blacklist ${HOME}/.cache/yandex-browser-beta | 1106 | blacklist ${HOME}/.cache/yandex-browser-beta |