diff options
author | The Fox in the Shell <KellerFuchs@hashbang.sh> | 2017-01-10 00:13:07 +0100 |
---|---|---|
committer | The Fox in the Shell <KellerFuchs@hashbang.sh> | 2017-01-10 00:13:07 +0100 |
commit | 0022b74ab59b807d982c06ea1a3d718356d9f147 (patch) | |
tree | 1feeac578d14b9acdb8e2c0057407036add90159 /etc | |
parent | Merge pull request #1027 from reinerh/cve-references2 (diff) | |
download | firejail-0022b74ab59b807d982c06ea1a3d718356d9f147.tar.gz firejail-0022b74ab59b807d982c06ea1a3d718356d9f147.tar.zst firejail-0022b74ab59b807d982c06ea1a3d718356d9f147.zip |
disable-common: Make mutt and msmtp's rc files R/O
Those allow arbitrary command executions through various mechanisms
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index efe5c850d..3fdccf6d2 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -101,6 +101,9 @@ read-only ${HOME}/.caffrc | |||
101 | read-only ${HOME}/.dotfiles | 101 | read-only ${HOME}/.dotfiles |
102 | read-only ${HOME}/dotfiles | 102 | read-only ${HOME}/dotfiles |
103 | read-only ${HOME}/.mailcap | 103 | read-only ${HOME}/.mailcap |
104 | read-only ${HOME}/.muttrc | ||
105 | read-only ${HOME}/.mutt/muttrc | ||
106 | read-only ${HOME}/.msmtprc | ||
104 | read-only ${HOME}/.exrc | 107 | read-only ${HOME}/.exrc |
105 | read-only ${HOME}/_exrc | 108 | read-only ${HOME}/_exrc |
106 | read-only ${HOME}/.vimrc | 109 | read-only ${HOME}/.vimrc |