Blacklist busybox by default

It's a collection of many tools, that might not be allowed individually. When it's needed, it can easily be allowed again.
author: Reiner Herrmann <reiner@reiner-h.de> 2020-05-16 12:24:22 +0000
committer: GitHub <noreply@github.com> 2020-05-16 12:24:22 +0000
commit: 5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea (patch)
tree: 15a45db8f2913f405688c3137330b5d772ebb056 /etc
parent: add mace015 to contributors (diff)
download: firejail-5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea.tar.gz
firejail-5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea.tar.zst
firejail-5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 3fd3cc7b2..efc82a9dc 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -388,6 +388,7 @@ blacklist /usr/local/sbin
 blacklist /usr/sbin
 # system management
+blacklist ${PATH}/busybox
 blacklist ${PATH}/at
 blacklist ${PATH}/chage
 blacklist ${PATH}/chfn
author	Reiner Herrmann <reiner@reiner-h.de>	2020-05-16 12:24:22 +0000
committer	GitHub <noreply@github.com>	2020-05-16 12:24:22 +0000
commit	5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea (patch)
tree	15a45db8f2913f405688c3137330b5d772ebb056 /etc
parent	add mace015 to contributors (diff)
download	firejail-5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea.tar.gz firejail-5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea.tar.zst firejail-5e2d5aa5ff60c73f923da2240c1b4fbbded8c3ea.zip

diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 3fd3cc7b2..efc82a9dc 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc
@@ -388,6 +388,7 @@ blacklist /usr/local/sbin
388	blacklist /usr/sbin	388	blacklist /usr/sbin
389		389
390	# system management	390	# system management
		391	blacklist ${PATH}/busybox
391	blacklist ${PATH}/at	392	blacklist ${PATH}/at
392	blacklist ${PATH}/chage	393	blacklist ${PATH}/chage
393	blacklist ${PATH}/chfn	394	blacklist ${PATH}/chfn