From 63c35052b7e76f40591f709571e19fbcb7cd8f48 Mon Sep 17 00:00:00 2001 From: Vincent43 <31109921+Vincent43@users.noreply.github.com> Date: Sun, 3 Feb 2019 13:18:07 +0100 Subject: Add '$HOME/.local/share/pki' to blacklist Since nss 3.42, '$HOME/.local/share/pki' is supported dir for storing certs https://hg.mozilla.org/projects/nss/rev/da45424cb9a0b4d8e45e5040e2e3b574d994e254 --- etc-fixes/0.9.52/firefox.profile | 3 +++ etc/chromium-common.profile | 3 +++ etc/disable-common.inc | 1 + etc/evolution.profile | 1 + etc/firefox-common.profile | 3 +++ etc/franz.profile | 3 +++ etc/mendeleydesktop.profile | 3 ++- etc/midori.profile | 3 +++ etc/min.profile | 3 +++ etc/rambox.profile | 3 +++ etc/seamonkey.profile | 2 ++ 11 files changed, 27 insertions(+), 1 deletion(-) diff --git a/etc-fixes/0.9.52/firefox.profile b/etc-fixes/0.9.52/firefox.profile index 6b19b14df..e3efada2c 100644 --- a/etc-fixes/0.9.52/firefox.profile +++ b/etc-fixes/0.9.52/firefox.profile @@ -24,6 +24,7 @@ noblacklist ${HOME}/.local/share/okular noblacklist ${HOME}/.local/share/qpdfview noblacklist ${HOME}/.mozilla noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include /etc/firejail/disable-common.inc include /etc/firejail/disable-devel.inc @@ -32,6 +33,7 @@ include /etc/firejail/disable-programs.inc mkdir ${HOME}/.cache/mozilla/firefox mkdir ${HOME}/.mozilla mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.cache/gnome-mplayer/plugin whitelist ${HOME}/.cache/mozilla/firefox @@ -60,6 +62,7 @@ whitelist ${HOME}/.mozilla whitelist ${HOME}/.pentadactyl whitelist ${HOME}/.pentadactylrc whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki whitelist ${HOME}/.vimperator whitelist ${HOME}/.vimperatorrc whitelist ${HOME}/.wine-pipelight diff --git a/etc/chromium-common.profile b/etc/chromium-common.profile index 7d8bc15ba..a182e5d20 100644 --- a/etc/chromium-common.profile +++ b/etc/chromium-common.profile @@ -7,6 +7,7 @@ include chromium-common.local #include globals.local noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -14,8 +15,10 @@ include disable-interpreters.inc include disable-programs.inc mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki include whitelist-common.inc include whitelist-var-common.inc diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 985d658e0..f98f247d5 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc @@ -306,6 +306,7 @@ blacklist ${HOME}/.mutt blacklist ${HOME}/.muttrc blacklist ${HOME}/.netrc blacklist ${HOME}/.pki +blacklist ${HOME}/.local/share/pki blacklist ${HOME}/.smbcredentials blacklist ${HOME}/.ssh blacklist ${HOME}/.vaults diff --git a/etc/evolution.profile b/etc/evolution.profile index 1cce0656c..96f7e0eb5 100644 --- a/etc/evolution.profile +++ b/etc/evolution.profile @@ -14,6 +14,7 @@ noblacklist ${HOME}/.config/evolution noblacklist ${HOME}/.gnupg noblacklist ${HOME}/.local/share/evolution noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc diff --git a/etc/firefox-common.profile b/etc/firefox-common.profile index 644dc89b1..7c65be7cb 100644 --- a/etc/firefox-common.profile +++ b/etc/firefox-common.profile @@ -10,6 +10,7 @@ include firefox-common.local #include firefox-common-addons.inc noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -17,8 +18,10 @@ include disable-interpreters.inc include disable-programs.inc mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki include whitelist-common.inc include whitelist-var-common.inc diff --git a/etc/franz.profile b/etc/franz.profile index 5ce8954c4..d6445ff8e 100644 --- a/etc/franz.profile +++ b/etc/franz.profile @@ -8,6 +8,7 @@ include globals.local noblacklist ${HOME}/.cache/Franz noblacklist ${HOME}/.config/Franz noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -17,10 +18,12 @@ include disable-programs.inc mkdir ${HOME}/.cache/Franz mkdir ${HOME}/.config/Franz mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.cache/Franz whitelist ${HOME}/.config/Franz whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki include whitelist-common.inc caps.drop all diff --git a/etc/mendeleydesktop.profile b/etc/mendeleydesktop.profile index 280baebdc..3a5edc364 100644 --- a/etc/mendeleydesktop.profile +++ b/etc/mendeleydesktop.profile @@ -12,7 +12,8 @@ noblacklist ${HOME}/.cache/Mendeley Ltd. noblacklist ${HOME}/.config/Mendeley Ltd. noblacklist ${HOME}/.local/share/Mendeley Ltd. noblacklist ${HOME}/.local/share/data/Mendeley Ltd. -noblacklist ${HOME}/.pki/nssdb +noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki # Allow python (blacklisted by disable-interpreters.inc) noblacklist ${PATH}/python2* diff --git a/etc/midori.profile b/etc/midori.profile index 6a69f2282..4e9a6c63d 100644 --- a/etc/midori.profile +++ b/etc/midori.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/midori # noblacklist ${HOME}/.local/share/webkit # noblacklist ${HOME}/.local/share/webkitgtk noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -23,6 +24,7 @@ mkdir ${HOME}/.local/share/midori mkdir ${HOME}/.local/share/webkit mkdir ${HOME}/.local/share/webkitgtk mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.cache/gnome-mplayer/plugin whitelist ${HOME}/.cache/midori @@ -33,6 +35,7 @@ whitelist ${HOME}/.local/share/midori whitelist ${HOME}/.local/share/webkit whitelist ${HOME}/.local/share/webkitgtk whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki include whitelist-common.inc caps.drop all diff --git a/etc/min.profile b/etc/min.profile index 3029c2952..80baedff7 100644 --- a/etc/min.profile +++ b/etc/min.profile @@ -9,6 +9,7 @@ include globals.local noblacklist ${HOME}/.config/Min noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -16,8 +17,10 @@ include disable-interpreters.inc include disable-programs.inc mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki include whitelist-common.inc include whitelist-var-common.inc diff --git a/etc/rambox.profile b/etc/rambox.profile index 6c65f869b..6f7f37aaf 100644 --- a/etc/rambox.profile +++ b/etc/rambox.profile @@ -7,6 +7,7 @@ include globals.local noblacklist ${HOME}/.config/Rambox noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -15,9 +16,11 @@ include disable-programs.inc mkdir ${HOME}/.config/Rambox mkdir ${HOME}/.pki +mkdir ${HOME}/.local/share/pki whitelist ${DOWNLOADS} whitelist ${HOME}/.config/Rambox whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki include whitelist-common.inc caps.drop all diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile index 9c38414bb..8cb291ba6 100644 --- a/etc/seamonkey.profile +++ b/etc/seamonkey.profile @@ -9,6 +9,7 @@ include globals.local noblacklist ${HOME}/.cache/mozilla noblacklist ${HOME}/.mozilla noblacklist ${HOME}/.pki +noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc @@ -29,6 +30,7 @@ whitelist ${HOME}/.mozilla whitelist ${HOME}/.pentadactyl whitelist ${HOME}/.pentadactylrc whitelist ${HOME}/.pki +whitelist ${HOME}/.local/share/pki whitelist ${HOME}/.vimperator whitelist ${HOME}/.vimperatorrc whitelist ${HOME}/.wine-pipelight -- cgit v1.2.3-54-g00ecf