diff options
author | netblue30 <netblue30@yahoo.com> | 2016-10-25 12:26:17 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-10-25 12:26:17 -0400 |
commit | b588020b4540480fdd3aaa11da8bd472b2dfdb60 (patch) | |
tree | f756c69ad1ca949e32037071640b9ae9e15c2538 /etc | |
parent | Merge pull request #871 from Fred-Barclay/alphabetise (diff) | |
download | firejail-b588020b4540480fdd3aaa11da8bd472b2dfdb60.tar.gz firejail-b588020b4540480fdd3aaa11da8bd472b2dfdb60.tar.zst firejail-b588020b4540480fdd3aaa11da8bd472b2dfdb60.zip |
fixes
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 29de8cca9..3c0b2160c 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -137,6 +137,11 @@ blacklist /etc/gshadow+ | |||
137 | blacklist /etc/ssh | 137 | blacklist /etc/ssh |
138 | blacklist /var/backup | 138 | blacklist /var/backup |
139 | 139 | ||
140 | # system directories | ||
141 | blacklist /sbin | ||
142 | blacklist /usr/sbin | ||
143 | blacklist /usr/local/sbin | ||
144 | |||
140 | # system management | 145 | # system management |
141 | blacklist ${PATH}/umount | 146 | blacklist ${PATH}/umount |
142 | blacklist ${PATH}/mount | 147 | blacklist ${PATH}/mount |
@@ -149,11 +154,23 @@ blacklist ${PATH}/xev | |||
149 | blacklist ${PATH}/strace | 154 | blacklist ${PATH}/strace |
150 | blacklist ${PATH}/nc | 155 | blacklist ${PATH}/nc |
151 | blacklist ${PATH}/ncat | 156 | blacklist ${PATH}/ncat |
152 | 157 | blacklist ${PATH}/gpasswd | |
153 | # system directories | 158 | blacklist ${PATH}/newgidmap |
154 | blacklist /sbin | 159 | blacklist ${PATH}/newgrp |
155 | blacklist /usr/sbin | 160 | blacklist ${PATH}/newuidmap |
156 | blacklist /usr/local/sbin | 161 | blacklist ${PATH}/pkexec |
162 | blacklist ${PATH}/sg | ||
163 | blacklist ${PATH}/rsh | ||
164 | blacklist ${PATH}/rlogin | ||
165 | blacklist ${PATH}/rcp | ||
166 | blacklist ${PATH}/crontab | ||
167 | blacklist ${PATH}/ksu | ||
168 | blacklist ${PATH}/chsh | ||
169 | blacklist ${PATH}/chfn | ||
170 | blacklist ${PATH}/chage | ||
171 | blacklist ${PATH}/expiry | ||
172 | blacklist ${PATH}/ping | ||
173 | blacklist ${PATH}/unix_chkpwd | ||
157 | 174 | ||
158 | # prevent lxterminal connecting to an existing lxterminal session | 175 | # prevent lxterminal connecting to an existing lxterminal session |
159 | blacklist /tmp/.lxterminal-socket* | 176 | blacklist /tmp/.lxterminal-socket* |