diff options
Diffstat (limited to 'src/firejail/fs.c')
-rw-r--r-- | src/firejail/fs.c | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 69b9d77bc..2a2e97419 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -572,58 +572,6 @@ void fs_proc_sys_dev_boot(void) { | |||
572 | } | 572 | } |
573 | free(fname); | 573 | free(fname); |
574 | 574 | ||
575 | // todo: investigate | ||
576 | #if 0 | ||
577 | // breaks too many applications, option needed | ||
578 | /* // disable /run/user/{uid}/bus */ | ||
579 | /* char *fnamebus; */ | ||
580 | /* if (asprintf(&fnamebus, "/run/user/%d/bus", getuid()) == -1) */ | ||
581 | /* errExit("asprintf"); */ | ||
582 | /* if (stat(fnamebus, &s) == 0) */ | ||
583 | /* disable_file(BLACKLIST_FILE, fnamebus); */ | ||
584 | /* free(fnamebus); */ | ||
585 | |||
586 | // WARNING: not working | ||
587 | // disable /run/user/{uid}/kdeinit* | ||
588 | //char *fnamekde; | ||
589 | //if (asprintf(&fnamekde, "/run/user/%d/kdeinit*", getuid()) == -1) | ||
590 | // errExit("asprintf"); | ||
591 | //if (stat(fnamekde, &s) == 0) | ||
592 | // disable_file(BLACKLIST_FILE, fnamekde); | ||
593 | //free(fnamekde); | ||
594 | |||
595 | |||
596 | // disable /run/user/{uid}/pulse | ||
597 | /* char *fnamepulse; */ | ||
598 | /* if (asprintf(&fnamepulse, "/run/user/%d/pulse", getuid()) == -1) */ | ||
599 | /* errExit("asprintf"); */ | ||
600 | /* if (stat(fnamepulse, &s) == 0) */ | ||
601 | /* disable_file(BLACKLIST_FILE, fnamepulse); */ | ||
602 | /* free(fnamepulse); */ | ||
603 | |||
604 | // disable /run/user/{uid}/dconf | ||
605 | /* char *fnamedconf; */ | ||
606 | /* if (asprintf(&fnamedconf, "/run/user/%d/dconf", getuid()) == -1) */ | ||
607 | /* errExit("asprintf"); */ | ||
608 | /* if (stat(fnamedconf, &s) == 0) */ | ||
609 | /* disable_file(BLACKLIST_FILE, fnamedconf); */ | ||
610 | /* free(fnamedconf); */ | ||
611 | |||
612 | |||
613 | // dirs in /run/user/{uid}/ | ||
614 | // using gnome: | ||
615 | // bus, dconf, gdm, gnome-shell, gnupg, gvfs, keyring, pulse, systemd | ||
616 | |||
617 | // using kde: | ||
618 | // kdeinit__0, ... | ||
619 | |||
620 | // more files with sockets to be blacklisted | ||
621 | // /run/dbus /run/systemd /run/udev /run/lvm | ||
622 | |||
623 | // /run/user/{uid} does not exist on some systems, usually used and created by desktop applications | ||
624 | |||
625 | #endif | ||
626 | |||
627 | if (getuid() != 0) { | 575 | if (getuid() != 0) { |
628 | // disable /dev/kmsg and /proc/kmsg | 576 | // disable /dev/kmsg and /proc/kmsg |
629 | disable_file(BLACKLIST_FILE, "/dev/kmsg"); | 577 | disable_file(BLACKLIST_FILE, "/dev/kmsg"); |