summaryrefslogtreecommitdiffstats
path: root/etc/ssh.profile
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2019-03-15 12:37:36 +0100
committerLibravatar smitsohu <smitsohu@gmail.com>2019-03-15 12:37:36 +0100
commit529315fe17a526eb8200e42a44b57ddffbd7a838 (patch)
treea70214750cdd46f0e6945d24a715ab19125a8244 /etc/ssh.profile
parentffmpegthumbnailer breaks in ranger with private-cache enabled from (#2596) (diff)
downloadfirejail-529315fe17a526eb8200e42a44b57ddffbd7a838.tar.gz
firejail-529315fe17a526eb8200e42a44b57ddffbd7a838.tar.zst
firejail-529315fe17a526eb8200e42a44b57ddffbd7a838.zip
profile hardening: add disable-exec.inc in more places
Diffstat (limited to 'etc/ssh.profile')
-rw-r--r--etc/ssh.profile3
1 files changed, 1 insertions, 2 deletions
diff --git a/etc/ssh.profile b/etc/ssh.profile
index de627dcf0..4c8af65b8 100644
--- a/etc/ssh.profile
+++ b/etc/ssh.profile
@@ -12,6 +12,7 @@ noblacklist /tmp/ssh-*
12noblacklist ${HOME}/.ssh 12noblacklist ${HOME}/.ssh
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-exec.inc
15include disable-passwdmgr.inc 16include disable-passwdmgr.inc
16include disable-programs.inc 17include disable-programs.inc
17 18
@@ -36,6 +37,4 @@ private-dev
36# private-tmp # Breaks when exiting 37# private-tmp # Breaks when exiting
37 38
38memory-deny-write-execute 39memory-deny-write-execute
39noexec ${HOME}
40noexec /tmp
41writable-run-user 40writable-run-user