diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-01-20 09:01:04 -0500 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2017-01-20 09:01:04 -0500 |
| commit | d8f348cf842294865050b1152f0079d501b5c46b (patch) | |
| tree | 4477a1edbd5a6562aeb6b14e880fb8ae74b8020b /etc | |
| parent | Merge pull request #1056 from SYN-cook/master (diff) | |
| parent | disable-common: Make ~/.local read-only (diff) | |
| download | firejail-d8f348cf842294865050b1152f0079d501b5c46b.tar.gz firejail-d8f348cf842294865050b1152f0079d501b5c46b.tar.zst firejail-d8f348cf842294865050b1152f0079d501b5c46b.zip | |
Merge pull request #1044 from KellerFuchs/disable-path-local
Make ~/.local read-only
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/disable-common.inc | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 6f21b9681..ac32f07e7 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
| @@ -124,8 +124,16 @@ read-only ${HOME}/.reportbugrc | |||
| 124 | read-only ${HOME}/.xmonad | 124 | read-only ${HOME}/.xmonad |
| 125 | read-only ${HOME}/.xscreensaver | 125 | read-only ${HOME}/.xscreensaver |
| 126 | 126 | ||
| 127 | # The user ~/bin directory can override commands such as ls | 127 | # Make directories commonly found in $PATH read-only |
| 128 | read-only ${HOME}/bin | 128 | read-only ${HOME}/bin |
| 129 | read-only ${HOME}/.gem | ||
| 130 | read-only ${HOME}/.luarocks | ||
| 131 | read-only ${HOME}/.npm-packages | ||
| 132 | |||
| 133 | # Make the contents of ~/.local read-only, | ||
| 134 | # except the commonly-used ~/.local/share | ||
| 135 | read-only ${HOME}/.local | ||
| 136 | read-write ${HOME}/.local/share | ||
| 129 | 137 | ||
| 130 | # top secret | 138 | # top secret |
| 131 | blacklist ${HOME}/.ecryptfs | 139 | blacklist ${HOME}/.ecryptfs |