diff options
| author |  Netcarver <id.github.com@gzap.org> | 2023-02-14 11:23:44 +0000 |
|---|---|---|
| committer | Netcarver <id.github.com@gzap.org> | 2023-02-14 11:23:44 +0000 |
| commit | 50d48c1f13fb65ced03712d5a34653906b8db783 (patch) | |
| tree | 8021faa4329ca03f99653205de2762b351bd14d1 /etc/inc | |
| parent | private-etc: kdiff3, gzip, gunzip, tar etc (diff) | |
| download | firejail-50d48c1f13fb65ced03712d5a34653906b8db783.tar.gz firejail-50d48c1f13fb65ced03712d5a34653906b8db783.tar.zst firejail-50d48c1f13fb65ced03712d5a34653906b8db783.zip | |
Prevent access to LUKS keyfile
Diffstat (limited to 'etc/inc')
| -rw-r--r-- | etc/inc/disable-common.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 03daaa9a6..81f417232 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
| @@ -450,6 +450,9 @@ blacklist ${HOME}/.vaults | |||
| 450 | blacklist /run/timeshift | 450 | blacklist /run/timeshift |
| 451 | blacklist /var/backup | 451 | blacklist /var/backup |
| 452 | 452 | ||
| 453 | # dm-crypt / LUKS | ||
| 454 | blacklist /crypto_keyfile.bin | ||
| 455 | |||
| 453 | # Remove environment variables with auth tokens. | 456 | # Remove environment variables with auth tokens. |
| 454 | # Note however that the sandbox might still have access to the | 457 | # Note however that the sandbox might still have access to the |
| 455 | # files where these variables are set. | 458 | # files where these variables are set. |