diff options
author | smitsohu <smitsohu@gmail.com> | 2019-06-18 18:52:18 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-06-18 18:52:18 +0200 |
commit | b59225f5d987d0467c659b0b5c0630009d519e98 (patch) | |
tree | 35f672dda1ceb649c0689c9c069a021156d8c4c9 /etc/tar.profile | |
parent | fix logical OR in disable_file (diff) | |
download | firejail-b59225f5d987d0467c659b0b5c0630009d519e98.tar.gz firejail-b59225f5d987d0467c659b0b5c0630009d519e98.tar.zst firejail-b59225f5d987d0467c659b0b5c0630009d519e98.zip |
use 'x11 none' option
... instead of just blacklisting the X11 socket.
Systematically added to all profiles with 'net none' and
'blacklist /tmp/.X11-unix', and a few more
Diffstat (limited to 'etc/tar.profile')
-rw-r--r-- | etc/tar.profile | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/etc/tar.profile b/etc/tar.profile index 7e1fa8b92..1232bb372 100644 --- a/etc/tar.profile +++ b/etc/tar.profile | |||
@@ -7,8 +7,6 @@ include tar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-devel.inc | 11 | include disable-devel.inc |
14 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -36,6 +34,7 @@ protocol unix | |||
36 | seccomp | 34 | seccomp |
37 | shell none | 35 | shell none |
38 | tracelog | 36 | tracelog |
37 | x11 none | ||
39 | 38 | ||
40 | # support compressed archives | 39 | # support compressed archives |
41 | private-bin bash,bzip2,compress,gtar,gzip,lbzip2,lzip,lzma,lzop,sh,tar,xz | 40 | private-bin bash,bzip2,compress,gtar,gzip,lbzip2,lzip,lzma,lzop,sh,tar,xz |