diff options
| author |  Kelvin M. Klann <kmk3.code@protonmail.com> | 2024-01-08 11:56:27 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-01-08 11:56:27 +0000 |
| commit | d35847f9a4c50d3f870760a4906753a03c62a2f3 (patch) | |
| tree | 5f9f288cd19d56d02357b230218c2c3efcc5cd8c /etc | |
| parent | disable-devel.inc: deduplicate g++ and gcc entries (diff) | |
| download | firejail-d35847f9a4c50d3f870760a4906753a03c62a2f3.tar.gz firejail-d35847f9a4c50d3f870760a4906753a03c62a2f3.tar.zst firejail-d35847f9a4c50d3f870760a4906753a03c62a2f3.zip | |
profiles: use only /usr/share/lua* (#6150)
To ensure that it includes luajit paths as well:
* /usr/share/lua
* /usr/share/luajit-2.1
And remove all entries of the same path without the wildcard, to avoid
redundancy.
Misc: The wildcard entries were added on commit 56b60dfd0 ("additional
Lua blacklisting (#3246)", 2020-02-24) and the entries without the
wildcard were partially removed on commit 721a984a5 ("Fix Lua in
disable-interpreters.inc", 2020-02-24).
This is a follow-up to #6128.
Reported-by: @pirate486743186
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/allow-lua.inc | 1 | ||||
| -rw-r--r-- | etc/profile-a-l/firefox-common-addons.profile | 1 | ||||
| -rw-r--r-- | etc/profile-m-z/mpv.profile | 1 | ||||
| -rw-r--r-- | etc/profile-m-z/rhythmbox.profile | 2 |
4 files changed, 1 insertions, 4 deletions
diff --git a/etc/inc/allow-lua.inc b/etc/inc/allow-lua.inc index 9c47e7a3b..4b6dd8a53 100644 --- a/etc/inc/allow-lua.inc +++ b/etc/inc/allow-lua.inc | |||
| @@ -8,5 +8,4 @@ noblacklist /usr/lib/liblua* | |||
| 8 | noblacklist /usr/lib/lua | 8 | noblacklist /usr/lib/lua |
| 9 | noblacklist /usr/lib64/liblua* | 9 | noblacklist /usr/lib64/liblua* |
| 10 | noblacklist /usr/lib64/lua | 10 | noblacklist /usr/lib64/lua |
| 11 | noblacklist /usr/share/lua | ||
| 12 | noblacklist /usr/share/lua* | 11 | noblacklist /usr/share/lua* |
diff --git a/etc/profile-a-l/firefox-common-addons.profile b/etc/profile-a-l/firefox-common-addons.profile index 44e54ec1d..ccc2dc7f6 100644 --- a/etc/profile-a-l/firefox-common-addons.profile +++ b/etc/profile-a-l/firefox-common-addons.profile | |||
| @@ -76,7 +76,6 @@ whitelist ${HOME}/.wine-pipelight | |||
| 76 | whitelist ${HOME}/.wine-pipelight64 | 76 | whitelist ${HOME}/.wine-pipelight64 |
| 77 | whitelist ${HOME}/.zotero | 77 | whitelist ${HOME}/.zotero |
| 78 | whitelist ${HOME}/dwhelper | 78 | whitelist ${HOME}/dwhelper |
| 79 | whitelist /usr/share/lua | ||
| 80 | whitelist /usr/share/lua* | 79 | whitelist /usr/share/lua* |
| 81 | whitelist /usr/share/mpv | 80 | whitelist /usr/share/mpv |
| 82 | 81 | ||
diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index 9cb1fd0ce..b85002b00 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile | |||
| @@ -64,7 +64,6 @@ whitelist ${HOME}/.local/state/mpv | |||
| 64 | whitelist ${HOME}/.netrc | 64 | whitelist ${HOME}/.netrc |
| 65 | whitelist ${HOME}/yt-dlp.conf | 65 | whitelist ${HOME}/yt-dlp.conf |
| 66 | whitelist ${HOME}/yt-dlp.conf.txt | 66 | whitelist ${HOME}/yt-dlp.conf.txt |
| 67 | whitelist /usr/share/lua | ||
| 68 | whitelist /usr/share/lua* | 67 | whitelist /usr/share/lua* |
| 69 | whitelist /usr/share/mpv | 68 | whitelist /usr/share/mpv |
| 70 | include whitelist-common.inc | 69 | include whitelist-common.inc |
diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile index 77c032a53..c2343db02 100644 --- a/etc/profile-m-z/rhythmbox.profile +++ b/etc/profile-m-z/rhythmbox.profile | |||
| @@ -26,7 +26,7 @@ include disable-shell.inc | |||
| 26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
| 27 | 27 | ||
| 28 | whitelist /usr/share/rhythmbox | 28 | whitelist /usr/share/rhythmbox |
| 29 | whitelist /usr/share/lua | 29 | whitelist /usr/share/lua* |
| 30 | whitelist /usr/share/libquvi-scripts | 30 | whitelist /usr/share/libquvi-scripts |
| 31 | whitelist /usr/share/tracker | 31 | whitelist /usr/share/tracker |
| 32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |