From b53b92cb0d21ca137b340c3d9a47a53d6cb00c45 Mon Sep 17 00:00:00 2001
From: valoq <valoq@mailbox.org>
Date: Wed, 19 Oct 2016 18:09:30 +0200
Subject: blacklisted common suid programms

---
 etc/disable-common.inc | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 4f854c8d8..506d4e258 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -172,3 +172,29 @@ blacklist ${PATH}/roxterm-config
 blacklist ${PATH}/terminix
 blacklist ${PATH}/urxvtc
 blacklist ${PATH}/urxvtcd
+
+# disable common suid programms
+blacklist ${PATH}/firejail
+blacklist ${PATH}/sudo
+blacklist ${PATH}/su
+blacklist ${PATH}/mount
+blacklist ${PATH}/umount
+blacklist ${PATH}/fusermount
+blacklist ${PATH}/passwd
+blacklist ${PATH}/gpasswd
+blacklist ${PATH}/newgidmap
+blacklist ${PATH}/newgrp
+blacklist ${PATH}/newuidmap
+blacklist ${PATH}/pkexec
+blacklist ${PATH}/sg
+blacklist ${PATH}/rsh
+blacklist ${PATH}/rlogin
+blacklist ${PATH}/rcp
+blacklist ${PATH}/crontab
+blacklist ${PATH}/ksu
+blacklist ${PATH}/chsh
+blacklist ${PATH}/chfn
+blacklist ${PATH}/chage
+blacklist ${PATH}/expiry
+blacklist ${PATH}/ping
+blacklist ${PATH}/unix_chkpwd
-- 
cgit v1.2.3-70-g09d2