From 4909fa7efce4a36bd16e7bf80c9642b93c262ddf Mon Sep 17 00:00:00 2001 From: netblue30 Date: Wed, 26 May 2021 09:12:09 -0400 Subject: deprecated follow-symlink-as-user from firejail.config --- src/firejail/checkcfg.c | 1 - src/firejail/firejail.h | 1 - src/firejail/main.c | 4 ++++ 3 files changed, 4 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 614b144e5..cb087d395 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c @@ -103,7 +103,6 @@ int checkcfg(int val) { PARSE_YESNO(CFG_USERNS, "userns") PARSE_YESNO(CFG_CHROOT, "chroot") PARSE_YESNO(CFG_FIREJAIL_PROMPT, "firejail-prompt") - PARSE_YESNO(CFG_FOLLOW_SYMLINK_AS_USER, "follow-symlink-as-user") PARSE_YESNO(CFG_FORCE_NONEWPRIVS, "force-nonewprivs") PARSE_YESNO(CFG_SECCOMP, "seccomp") PARSE_YESNO(CFG_WHITELIST, "whitelist") diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 1c1ad4e97..1da70fd54 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h @@ -765,7 +765,6 @@ enum { CFG_PRIVATE_HOME, CFG_PRIVATE_BIN_NO_LOCAL, CFG_FIREJAIL_PROMPT, - CFG_FOLLOW_SYMLINK_AS_USER, CFG_DISABLE_MNT, CFG_JOIN, CFG_ARP_PROBES, diff --git a/src/firejail/main.c b/src/firejail/main.c index 7cfa58078..31694558d 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -1904,6 +1904,8 @@ int main(int argc, char **argv, char **envp) { } else if (strcmp(argv[i], "--private") == 0) { arg_private = 1; + // disable whitelisting in home directory + profile_add("whitelist ~/*"); } else if (strncmp(argv[i], "--private=", 10) == 0) { if (cfg.home_private_keep) { @@ -1925,6 +1927,8 @@ int main(int argc, char **argv, char **envp) { cfg.home_private = NULL; } arg_private = 1; + // disable whitelisting in home directory + profile_add("whitelist ~/*"); } #ifdef HAVE_PRIVATE_HOME else if (strncmp(argv[i], "--private-home=", 15) == 0) { -- cgit v1.2.3-70-g09d2