diff options
author | netblue30 <netblue30@yahoo.com> | 2015-10-30 08:55:25 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-10-30 08:55:25 -0400 |
commit | 2b37849dbdc1e7be2fac0756a39de8e54b40ae2c (patch) | |
tree | 7ddf41d4c3b53176aa978ddd63384e009125bd1b /etc | |
parent | release 0.9.34-rc1 testing (diff) | |
download | firejail-2b37849dbdc1e7be2fac0756a39de8e54b40ae2c.tar.gz firejail-2b37849dbdc1e7be2fac0756a39de8e54b40ae2c.tar.zst firejail-2b37849dbdc1e7be2fac0756a39de8e54b40ae2c.zip |
Protect shell startup files
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index ece906717..87a979034 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -76,3 +76,36 @@ blacklist /etc/profile.d | |||
76 | blacklist /etc/rc.local | 76 | blacklist /etc/rc.local |
77 | blacklist /etc/anacrontab | 77 | blacklist /etc/anacrontab |
78 | 78 | ||
79 | # General startup files | ||
80 | read-only ${HOME}/.xinitrc | ||
81 | read-only ${HOME}/.xserverrc | ||
82 | read-only ${HOME}/.profile | ||
83 | |||
84 | # Shell startup files | ||
85 | read-only ${HOME}/.bash_login | ||
86 | read-only ${HOME}/.bashrc | ||
87 | read-only ${HOME}/.bash_profile | ||
88 | read-only ${HOME}/.bash_logout | ||
89 | read-only ${HOME}/.zshrc | ||
90 | read-only ${HOME}/.zlogin | ||
91 | read-only ${HOME}/.zprofile | ||
92 | read-only ${HOME}/.zlogout | ||
93 | read-only ${HOME}/.zsh_files | ||
94 | read-only ${HOME}/.tcshrc | ||
95 | read-only ${HOME}/.cshrc | ||
96 | read-only ${HOME}/.csh_files | ||
97 | |||
98 | # Initialization files that allow arbitrary command execution | ||
99 | read-only ${HOME}/.mailcap | ||
100 | read-only ${HOME}/.exrc | ||
101 | read-only ${HOME}/.vimrc | ||
102 | read-only ${HOME}/.vim | ||
103 | read-only ${HOME}/.emacs | ||
104 | read-only ${HOME}/.tmux.conf | ||
105 | read-only ${HOME}/.iscreenrc | ||
106 | read-only ${HOME}/.muttrc | ||
107 | read-only ${HOME}/.xmonad | ||
108 | |||
109 | # The user ~/bin directory can override commands such as ls | ||
110 | read-only ${HOME}/bin | ||
111 | |||