diff options
author | Netcarver <id.github.com@gzap.org> | 2023-02-14 11:23:44 +0000 |
---|---|---|
committer | Netcarver <id.github.com@gzap.org> | 2023-02-14 11:23:44 +0000 |
commit | 50d48c1f13fb65ced03712d5a34653906b8db783 (patch) | |
tree | 8021faa4329ca03f99653205de2762b351bd14d1 /etc/inc | |
parent | private-etc: kdiff3, gzip, gunzip, tar etc (diff) | |
download | firejail-50d48c1f13fb65ced03712d5a34653906b8db783.tar.gz firejail-50d48c1f13fb65ced03712d5a34653906b8db783.tar.zst firejail-50d48c1f13fb65ced03712d5a34653906b8db783.zip |
Prevent access to LUKS keyfile
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/disable-common.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 03daaa9a6..81f417232 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -450,6 +450,9 @@ blacklist ${HOME}/.vaults | |||
450 | blacklist /run/timeshift | 450 | blacklist /run/timeshift |
451 | blacklist /var/backup | 451 | blacklist /var/backup |
452 | 452 | ||
453 | # dm-crypt / LUKS | ||
454 | blacklist /crypto_keyfile.bin | ||
455 | |||
453 | # Remove environment variables with auth tokens. | 456 | # Remove environment variables with auth tokens. |
454 | # Note however that the sandbox might still have access to the | 457 | # Note however that the sandbox might still have access to the |
455 | # files where these variables are set. | 458 | # files where these variables are set. |