diff options
author | netblue30 <netblue30@yahoo.com> | 2017-01-20 09:01:04 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-01-20 09:01:04 -0500 |
commit | d8f348cf842294865050b1152f0079d501b5c46b (patch) | |
tree | 4477a1edbd5a6562aeb6b14e880fb8ae74b8020b /etc | |
parent | Merge pull request #1056 from SYN-cook/master (diff) | |
parent | disable-common: Make ~/.local read-only (diff) | |
download | firejail-d8f348cf842294865050b1152f0079d501b5c46b.tar.gz firejail-d8f348cf842294865050b1152f0079d501b5c46b.tar.zst firejail-d8f348cf842294865050b1152f0079d501b5c46b.zip |
Merge pull request #1044 from KellerFuchs/disable-path-local
Make ~/.local read-only
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 6f21b9681..ac32f07e7 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -124,8 +124,16 @@ read-only ${HOME}/.reportbugrc | |||
124 | read-only ${HOME}/.xmonad | 124 | read-only ${HOME}/.xmonad |
125 | read-only ${HOME}/.xscreensaver | 125 | read-only ${HOME}/.xscreensaver |
126 | 126 | ||
127 | # The user ~/bin directory can override commands such as ls | 127 | # Make directories commonly found in $PATH read-only |
128 | read-only ${HOME}/bin | 128 | read-only ${HOME}/bin |
129 | read-only ${HOME}/.gem | ||
130 | read-only ${HOME}/.luarocks | ||
131 | read-only ${HOME}/.npm-packages | ||
132 | |||
133 | # Make the contents of ~/.local read-only, | ||
134 | # except the commonly-used ~/.local/share | ||
135 | read-only ${HOME}/.local | ||
136 | read-write ${HOME}/.local/share | ||
129 | 137 | ||
130 | # top secret | 138 | # top secret |
131 | blacklist ${HOME}/.ecryptfs | 139 | blacklist ${HOME}/.ecryptfs |