From 89441e48e8f0388f376cd4fcc24ddbd99f7cc858 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sat, 23 Jul 2022 13:18:09 -0400
Subject: Deny Tor related profiles access to /sys/class/net

This directory contains the MAC address for connections available

Tested working with torbrowser-launcher and onionshare

Signed-off-by: Tad <tad@spotco.us>
---
 etc/profile-m-z/onionshare-gui.profile      | 2 ++
 etc/profile-m-z/torbrowser-launcher.profile | 1 +
 etc/profile-m-z/torbrowser.profile          | 1 +
 3 files changed, 4 insertions(+)

diff --git a/etc/profile-m-z/onionshare-gui.profile b/etc/profile-m-z/onionshare-gui.profile
index fbf4c3ef0..db923056a 100644
--- a/etc/profile-m-z/onionshare-gui.profile
+++ b/etc/profile-m-z/onionshare-gui.profile
@@ -11,6 +11,8 @@ noblacklist ${HOME}/.config/onionshare
 # Allow python (blacklisted by disable-interpreters.inc)
 include allow-python3.inc
 
+blacklist /sys/class/net
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/profile-m-z/torbrowser-launcher.profile b/etc/profile-m-z/torbrowser-launcher.profile
index 700a10be8..9d66c5fa4 100644
--- a/etc/profile-m-z/torbrowser-launcher.profile
+++ b/etc/profile-m-z/torbrowser-launcher.profile
@@ -16,6 +16,7 @@ include allow-python2.inc
 include allow-python3.inc
 
 blacklist /srv
+blacklist /sys/class/net
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/profile-m-z/torbrowser.profile b/etc/profile-m-z/torbrowser.profile
index fc579b973..15ca5b550 100644
--- a/etc/profile-m-z/torbrowser.profile
+++ b/etc/profile-m-z/torbrowser.profile
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.cache/mozilla
 noblacklist ${HOME}/.mozilla
 
 blacklist /usr/libexec
+blacklist /sys/class/net
 
 mkdir ${HOME}/.cache/mozilla/torbrowser
 mkdir ${HOME}/.mozilla
-- 
cgit v1.2.3-54-g00ecf