From 7b48318477da5a4c7509670b55270cc7d14125b3 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Tue, 7 Mar 2017 08:20:15 -0500
Subject: Following links in private-bin command ported from #1100 created problems for some users. I added a follow-symlink-private-bin entry in /etc/firejail/firejail.config file to enable/disable this functionality - default disabled.
---
 etc/firejail.config | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'etc/firejail.config')
diff --git a/etc/firejail.config b/etc/firejail.config
index 766802a7d..858ac4ec1 100644
--- a/etc/firejail.config
+++ b/etc/firejail.config
@@ -26,6 +26,10 @@
 # Enabled by default
 # follow-symlink-as-user yes
 
+# Follow symlink for private-bin command.
+# Disabled by default
+# follow-symlink-private-bin no
+
 # Force use of nonewprivs. This mitigates the possibility of
 # a user abusing firejail's features to trick a privileged (suid
 # or file capabilities) process into loading code or configuration
-- 
cgit v1.2.3-54-g00ecf
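Review bot: The comment added for `follow-symlink-private-bin` says only "Follow symlink for private-bin command", which does not tell an administrator what is followed or what changes inside the sandbox when the option is switched on, whereas the nonewprivs entry just below it states its rationale. Because the entry is commented out, the effective default comes from the code that parses this file, and that code is not part of this page (the diff is limited to etc/firejail.config), so "Disabled by default" should be checked against it. I would expand the comment along the lines of `# Follow symlinks when resolving the programs listed for private-bin.` and add one line saying why it is off by default (the commit message mentions problems for some users). That wording is inferred from the commit message and should be confirmed against the implementation.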