From add6ee8c23bc500c27ba9e4258be8d0f7a26945e Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Thu, 21 Jan 2021 04:37:34 -0300
Subject: ssh: move auth socket blacklist to disable-common.inc

That was added on the commit e93fbf3bd ("disable ssh-agent sockets in
disable-programs.inc").

Currently, it's the only ssh-related entry on disable-programs.inc.
Further, it seems that all the other socket blacklists live on
disable-common.inc.  Also, even though this socket does not necessarily
allow arbitrary command execution on the local machine (like some paths
on disable-common.inc do), it could still do so for remote systems.

Put it above the "top secret" section, like the terminal sockets are
above the terminal server section.
---
 etc/inc/disable-programs.inc | 1 -
 1 file changed, 1 deletion(-)

(limited to 'etc/inc/disable-programs.inc')

diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 74cbfbcbe..2ef40b23a 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -856,7 +856,6 @@ blacklist ${HOME}/.yarncache
 blacklist ${HOME}/.yarnrc
 blacklist ${HOME}/.zoom
 blacklist /tmp/akonadi-*
-blacklist /tmp/ssh-*
 blacklist /tmp/.wine-*
 blacklist /var/games/nethack
 blacklist /var/games/slashem
-- 
cgit v1.2.3-54-g00ecf