diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-06-02 00:14:04 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-06-02 00:28:10 -0300 |
commit | 03af910fdcb5fbdc3b2bb00df716debf6593876d (patch) | |
tree | d618824fee09e6c3bd8d4815c6f48950c0ea92c4 /etc | |
parent | ids.config: sort global shell paths (diff) | |
download | firejail-03af910fdcb5fbdc3b2bb00df716debf6593876d.tar.gz firejail-03af910fdcb5fbdc3b2bb00df716debf6593876d.tar.zst firejail-03af910fdcb5fbdc3b2bb00df716debf6593876d.zip |
disable-shell.inc: add global shell paths from ids.config
Since /etc/profile is present, add the other shell-related paths in /etc
that are listed on ids.config.
Suggestion by @rusty-snake[1].
Relates to #5167 #5170.
[1] https://github.com/netblue30/firejail/pull/5167#pullrequestreview-989621852
Diffstat (limited to 'etc')
-rw-r--r-- | etc/ids.config | 1 | ||||
-rw-r--r-- | etc/inc/disable-shell.inc | 30 |
2 files changed, 31 insertions, 0 deletions
diff --git a/etc/ids.config b/etc/ids.config index b620e08e2..1217d4a3a 100644 --- a/etc/ids.config +++ b/etc/ids.config | |||
@@ -58,6 +58,7 @@ ${HOME}/.zshenv | |||
58 | ${HOME}/.zshprofile | 58 | ${HOME}/.zshprofile |
59 | ${HOME}/.zshrc | 59 | ${HOME}/.zshrc |
60 | 60 | ||
61 | # Note: This list should be kept in sync with the one in inc/disable-shell.inc. | ||
61 | ### shells global ### | 62 | ### shells global ### |
62 | # all | 63 | # all |
63 | /etc/dircolors | 64 | /etc/dircolors |
diff --git a/etc/inc/disable-shell.inc b/etc/inc/disable-shell.inc index 3f19cdcf9..b1bfcd161 100644 --- a/etc/inc/disable-shell.inc +++ b/etc/inc/disable-shell.inc | |||
@@ -13,5 +13,35 @@ blacklist ${PATH}/sh | |||
13 | blacklist ${PATH}/tclsh | 13 | blacklist ${PATH}/tclsh |
14 | blacklist ${PATH}/tcsh | 14 | blacklist ${PATH}/tcsh |
15 | blacklist ${PATH}/zsh | 15 | blacklist ${PATH}/zsh |
16 | |||
17 | # Note: This list should be kept in sync with the one in ../ids.config. | ||
18 | ### shells global ### | ||
19 | # all | ||
20 | blacklist /etc/dircolors | ||
21 | blacklist /etc/environment | ||
16 | blacklist /etc/profile | 22 | blacklist /etc/profile |
17 | blacklist /etc/profile.d | 23 | blacklist /etc/profile.d |
24 | blacklist /etc/shells | ||
25 | blacklist /etc/skel | ||
26 | # bash | ||
27 | blacklist /etc/bash | ||
28 | blacklist /etc/bash.bashrc | ||
29 | blacklist /etc/bash_completion* | ||
30 | blacklist /etc/bashrc | ||
31 | # fish | ||
32 | blacklist /etc/fish | ||
33 | # ksh | ||
34 | blacklist /etc/ksh.kshrc | ||
35 | blacklist /etc/suid_profile | ||
36 | # tcsh | ||
37 | blacklist /etc/complete.tcsh | ||
38 | blacklist /etc/csh.cshrc | ||
39 | blacklist /etc/csh.login | ||
40 | blacklist /etc/csh.logout | ||
41 | # zsh | ||
42 | blacklist /etc/zlogin | ||
43 | blacklist /etc/zlogout | ||
44 | blacklist /etc/zprofile | ||
45 | blacklist /etc/zsh | ||
46 | blacklist /etc/zshenv | ||
47 | blacklist /etc/zshrc | ||