-rw-r--r--RELNOTES4
-rw-r--r--etc/disable-common.inc4
2 files changed, 5 insertions, 3 deletions
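--- a/RELNOTES
+++ b/RELNOTES
@@ -1,4 +1,8 @@
 firejail (0.9.42~rc2) baseline; urgency=low
+ * security: --whitelist deleted files, submitted by Vasya Novikov
+ * security: disable x32 ABI, submitted by Jann Horn
+ * security: tighten --chroot, submitted by Jann Horn
+ * security: terminal sandbox escape, submitted by Stephan Sokolow
  * deprecated --user option, please use "sudo -u username firejail" instead
  * --read-write option rework
  * allow symlinks in home directory for --whitelist option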
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index ed6ee315b..c4169db8a 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -155,7 +155,7 @@ blacklist /usr/local/sbin
155# prevent lxterminal connecting to an existing lxterminal session 155# prevent lxterminal connecting to an existing lxterminal session
156blacklist /tmp/.lxterminal-socket* 156blacklist /tmp/.lxterminal-socket*
157 157
158# disable terminals running as server 158# disable terminals running as server resulting in sandbox escape
159blacklist ${PATH}/gnome-terminal 159blacklist ${PATH}/gnome-terminal
160blacklist ${PATH}/gnome-terminal.wrapper 160blacklist ${PATH}/gnome-terminal.wrapper
161blacklist ${PATH}/xfce4-terminal 161blacklist ${PATH}/xfce4-terminal
@@ -169,5 +169,3 @@ blacklist ${PATH}/roxterm-config
169blacklist ${PATH}/terminix 169blacklist ${PATH}/terminix
170blacklist ${PATH}/urxvtc 170blacklist ${PATH}/urxvtc
171blacklist ${PATH}/urxvtcd 171blacklist ${PATH}/urxvtcd
172blacklist ${PATH}/konsole
173blacklist ${PATH}/yakuake
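Review bot: The last two entries of the terminal list, `blacklist ${PATH}/konsole` and `blacklist ${PATH}/yakuake` (old lines 172-173), are dropped in the same commit whose release note records a terminal sandbox escape, and nothing visible here says why those two are safe to allow. If they are deliberately excluded, a comment such as `# konsole and yakuake intentionally not listed: <reason>` would keep a later maintainer from reading the omission as an oversight; if the reason is not established, keeping the entries is the safer default. The section is also a denylist of client binaries by name under `${PATH}`, so it presumably covers neither a server-mode terminal that is not yet listed nor the IPC endpoint of a server already running outside the sandbox, and the section comment at line 158 could state that limit. The list begins above the first hunk and continues between the two hunks, so entries outside the visible lines were not checked.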