From 66dc2643aca9d19e3d77ad4153d2ec9684a3794f Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Sun, 29 May 2022 00:26:56 -0300
Subject: disable-common.inc: move blacklist of /etc/profile.d

To disable-shell.inc.

Interactive shells can be executed from certain development-related
programs (such as IDEs) and the shells themselves are not blocked by
default, but this shell startup directory currently is.  To avoid
running a shell without access to potentially needed startup files, only
blacklist /etc/profile.d when interactive shells are also blocked.

Note that /etc/profile.d should only be of concern to interactive
shells, so a profile that includes both disable-shell.inc and
allow-bin-sh.inc (which likely means that it needs access to only
non-interactive shells) should not be affected by the blacklisting.

Relates to #3411 #5159.
---
 etc/inc/disable-common.inc   | 1 -
 etc/inc/disable-shell.inc    | 1 +
 etc/profile-a-l/kate.profile | 1 -
 3 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index d08ba3646..5918ee640 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -261,7 +261,6 @@ blacklist /etc/grub*
 blacklist /etc/kernel*
 blacklist /etc/logrotate*
 blacklist /etc/modules*
-blacklist /etc/profile.d
 blacklist /etc/rc.local
 # rc1.d, rc2.d, ...
 blacklist /etc/rc?.d
diff --git a/etc/inc/disable-shell.inc b/etc/inc/disable-shell.inc
index 8274b0215..6665251a8 100644
--- a/etc/inc/disable-shell.inc
+++ b/etc/inc/disable-shell.inc
@@ -13,3 +13,4 @@ blacklist ${PATH}/sh
 blacklist ${PATH}/tclsh
 blacklist ${PATH}/tcsh
 blacklist ${PATH}/zsh
+blacklist /etc/profile.d
diff --git a/etc/profile-a-l/kate.profile b/etc/profile-a-l/kate.profile
index d3ad0482a..51296408c 100644
--- a/etc/profile-a-l/kate.profile
+++ b/etc/profile-a-l/kate.profile
@@ -23,7 +23,6 @@ noblacklist ${HOME}/.local/share/kxmlgui5/kateopenheaderplugin
 noblacklist ${HOME}/.local/share/kxmlgui5/katepart
 noblacklist ${HOME}/.local/share/kxmlgui5/kateproject
 noblacklist ${HOME}/.local/share/kxmlgui5/katesearch
-noblacklist /etc/profile.d
 
 # Allows files commonly used by IDEs
 include allow-common-devel.inc
-- 
cgit v1.2.3-70-g09d2