From 7f834c4cd3bcc86cac07764b99b114dd7271c654 Mon Sep 17 00:00:00 2001 From: "Kelvin M. Klann" Date: Fri, 27 Jan 2023 21:31:54 -0300 Subject: disable-common.inc: add more ro editor/browser paths Move some paths from mutt.profile and neomutt.profile. Added on commit 6b9bfad37 ("Fix python; add read-only to editors/cli browsers;re-add cache directory", 2020-12-29) / PR #3849. Misc: This is a follow-up to #5626. --- etc/inc/disable-common.inc | 3 +++ etc/profile-a-l/elinks.profile | 2 ++ etc/profile-m-z/mutt.profile | 3 --- etc/profile-m-z/nano.profile | 1 + etc/profile-m-z/neomutt.profile | 3 --- etc/profile-m-z/w3m.profile | 1 + 6 files changed, 7 insertions(+), 6 deletions(-) (limited to 'etc') diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 66a309d85..1e84370a4 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc @@ -330,6 +330,7 @@ read-only ${HOME}/.cargo/env read-only ${HOME}/.config/nvim read-only ${HOME}/.config/pkcs11 read-only ${HOME}/.dotfiles +read-only ${HOME}/.elinks read-only ${HOME}/.emacs read-only ${HOME}/.emacs.d read-only ${HOME}/.exrc @@ -345,6 +346,7 @@ read-only ${HOME}/.msmtprc read-only ${HOME}/.mutt/muttrc read-only ${HOME}/.muttrc read-only ${HOME}/.nano +read-only ${HOME}/.nanorc read-only ${HOME}/.npmrc read-only ${HOME}/.pythonrc.py read-only ${HOME}/.reportbugrc @@ -352,6 +354,7 @@ read-only ${HOME}/.tmux.conf read-only ${HOME}/.vim read-only ${HOME}/.viminfo read-only ${HOME}/.vimrc +read-only ${HOME}/.w3m read-only ${HOME}/.xmonad read-only ${HOME}/.xscreensaver read-only ${HOME}/.yarnrc diff --git a/etc/profile-a-l/elinks.profile b/etc/profile-a-l/elinks.profile index a3596bb5e..aab3b3902 100644 --- a/etc/profile-a-l/elinks.profile +++ b/etc/profile-a-l/elinks.profile @@ -17,5 +17,7 @@ whitelist ${HOME}/.elinks private-bin elinks +read-write ${HOME}/.elinks + # Redirect include links-common.profile diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index bce56743a..904b0cd7c 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile @@ -133,8 +133,5 @@ dbus-user none dbus-system none memory-deny-write-execute -read-only ${HOME}/.elinks -read-only ${HOME}/.nanorc read-only ${HOME}/.signature -read-only ${HOME}/.w3m restrict-namespaces diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile index a20eb3828..0814742c1 100644 --- a/etc/profile-m-z/nano.profile +++ b/etc/profile-m-z/nano.profile @@ -56,4 +56,5 @@ dbus-user none dbus-system none memory-deny-write-execute +read-write ${HOME}/.nanorc restrict-namespaces diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index c255a85c9..f343226ae 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile @@ -125,8 +125,5 @@ dbus-user none dbus-system none memory-deny-write-execute -read-only ${HOME}/.elinks -read-only ${HOME}/.nanorc read-only ${HOME}/.signature -read-only ${HOME}/.w3m restrict-namespaces diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index fab5315aa..1e111f83e 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile @@ -68,4 +68,5 @@ dbus-user none dbus-system none memory-deny-write-execute +read-write ${HOME}/.w3m restrict-namespaces -- cgit v1.2.3-70-g09d2 From f253f90d1dc2dd0fe8654ce2596303b059f673a9 Mon Sep 17 00:00:00 2001 From: "Kelvin M. Klann" Date: Mon, 30 Jan 2023 19:20:13 -0300 Subject: disable-common.inc: make ~/.config/nano read-only Similarly to the existing ~/.nanorc entry. Taken from nano.profile. --- etc/inc/disable-common.inc | 1 + etc/profile-m-z/nano.profile | 1 + 2 files changed, 2 insertions(+) (limited to 'etc') diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 1e84370a4..03daaa9a6 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc @@ -327,6 +327,7 @@ read-only ${HOME}/.ssh/config.d # Initialization files that allow arbitrary command execution read-only ${HOME}/.caffrc read-only ${HOME}/.cargo/env +read-only ${HOME}/.config/nano read-only ${HOME}/.config/nvim read-only ${HOME}/.config/pkcs11 read-only ${HOME}/.dotfiles diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile index 0814742c1..74403c335 100644 --- a/etc/profile-m-z/nano.profile +++ b/etc/profile-m-z/nano.profile @@ -56,5 +56,6 @@ dbus-user none dbus-system none memory-deny-write-execute +read-write ${HOME}/.config/nano read-write ${HOME}/.nanorc restrict-namespaces -- cgit v1.2.3-70-g09d2