From d681e0e2d9548c56bf67131b9fe4a75d8e1b9060 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@protonmail.com>
Date: Thu, 4 Nov 2021 14:35:08 -0400
Subject: adding more SUID executables to disable-common.inc

---
 etc/inc/disable-common.inc | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'etc/inc/disable-common.inc')

diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index ae84ee38a..f3d685d18 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -458,7 +458,7 @@ blacklist /sbin
 blacklist /usr/local/sbin
 blacklist /usr/sbin
 
-# system management
+# system management and various SUID executables
 blacklist ${PATH}/at
 blacklist ${PATH}/busybox
 blacklist ${PATH}/chage
@@ -493,6 +493,12 @@ blacklist ${PATH}/umount
 blacklist ${PATH}/unix_chkpwd
 blacklist ${PATH}/xev
 blacklist ${PATH}/xinput
+blacklist /usr/lib/openssh/ssh-keysign
+blacklist ${PATH}/passwd
+blacklist /usr/lib/xorg/Xorg.wrap
+blacklist /usr/lib/policykit-1/polkit-agent-helper-1
+blacklist /usr/lib/dbus-1.0/dbus-daemon-launch-helper
+blacklist /usr/lib/eject/dmcrypt-get-device
 
 # other SUID binaries
 blacklist /usr/lib/virtualbox
-- 
cgit v1.2.3-54-g00ecf