From db0349a5eccbd6a31fa6642a3f22c542383edc9a Mon Sep 17 00:00:00 2001
From: netblue30
Date: Thu, 23 Jun 2022 11:09:31 -0400
Subject: disabled private-lib in /etc/firejail/firejail.config
---
 src/profstats/main.c | 8 ++++++++
 1 file changed, 8 insertions(+)
(limited to 'src')
diff --git a/src/profstats/main.c b/src/profstats/main.c
index 595a94c11..9deb72f7e 100644
--- a/src/profstats/main.c
+++ b/src/profstats/main.c
@@ -38,6 +38,7 @@ static int cnt_privatebin = 0;
 static int cnt_privatedev = 0;
 static int cnt_privatetmp = 0;
 static int cnt_privateetc = 0;
+static int cnt_privatelib = 0;
 static int cnt_whitelistvar = 0; // include whitelist-var-common.inc
 static int cnt_whitelistrunuser = 0; // include whitelist-runuser-common.inc
 static int cnt_whitelistusrshare = 0; // include whitelist-usr-share-common.inc
@@ -56,6 +57,7 @@ static int arg_privatebin = 0;
 static int arg_privatedev = 0;
 static int arg_privatetmp = 0;
 static int arg_privateetc = 0;
+static int arg_privatelib = 0;
 static int arg_whitelistvar = 0;
 static int arg_whitelistrunuser = 0;
 static int arg_whitelistusrshare = 0;
@@ -181,6 +183,8 @@ static void process_file(char *fname) {
 cnt_privatetmp++;
 else if (strncmp(ptr, "private-etc", 11) == 0)
 cnt_privateetc++;
+ else if (strncmp(ptr, "private-lib", 11) == 0)
+ cnt_privatelib++;
 else if (strncmp(ptr, "dbus-system none", 16) == 0)
 cnt_dbus_system_none++;
 else if (strncmp(ptr, "dbus-system", 11) == 0)
@@ -297,6 +301,7 @@ int main(int argc, char **argv) {
 int privatetmp = cnt_privatetmp;
 int privatedev = cnt_privatedev;
 int privateetc = cnt_privateetc;
+ int privatelib = cnt_privatelib;
 int dotlocal = cnt_dotlocal;
 int globalsdotlocal = cnt_globalsdotlocal;
 int whitelisthome = cnt_whitelisthome;
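Review bot: In the process_file hunk, `strncmp(ptr, "private-lib", 11) == 0` is a prefix match, so any line that merely begins with those eleven characters is counted, and every matching line in a file increments the counter. That mirrors the neighbouring `private-etc` test, but if the figure is meant to reflect the directive itself, also require a delimiter after the keyword, e.g. `else if (strncmp(ptr, "private-lib", 11) == 0 && (ptr[11] == '\0' || ptr[11] == ' ' || ptr[11] == '\n'))`. How `ptr` is trimmed is outside the hunk, so confirm which terminators can actually follow the keyword before adopting that exact condition.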
@@ -360,6 +365,8 @@ int main(int argc, char **argv) {
 printf("No private-tmp found in %s\n", argv[i]);
 if (arg_privateetc && privateetc == cnt_privateetc)
 printf("No private-etc found in %s\n", argv[i]);
+ if (arg_privatelib && privatelib == cnt_privatelib)
+ printf("No private-lib found in %s\n", argv[i]);
 if (arg_whitelisthome && whitelisthome == cnt_whitelisthome)
 printf("Home directory not whitelisted in %s\n", argv[i]);
 if (arg_whitelistvar && whitelistvar == cnt_whitelistvar)
@@ -394,6 +401,7 @@ int main(int argc, char **argv) {
 printf(" private-bin\t\t\t%d\n", cnt_privatebin);
 printf(" private-dev\t\t\t%d\n", cnt_privatedev);
 printf(" private-etc\t\t\t%d\n", cnt_privateetc);
+ printf(" private-lib\t\t\t%d\n", cnt_privatelib);
 printf(" private-tmp\t\t\t%d\n", cnt_privatetmp);
 printf(" whitelist home directory\t%d\n", cnt_whitelisthome);
 printf(" whitelist var\t\t%d (include whitelist-var-common.inc)\n", cnt_whitelistvar);
-- cgit v1.2.3-54-g00ecf
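Review bot: `arg_privatelib` is declared in this commit but none of the eight added lines ever assigns it, so the new `if (arg_privatelib && privatelib == cnt_privatelib)` check in main can never print "No private-lib found". The option parsing is outside the hunks; it presumably needs a matching branch in the form the existing switches use, something like `else if (strcmp(argv[i], "--private-lib") == 0) arg_privatelib = 1;`, plus a usage line. Until then a profile audit silently skips this hardening option even though the reporting code is in place.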
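Review bot: The new ` private-lib` statistics line reports how many matching lines were seen in profiles, not whether the option takes effect at run time. The commit subject says private-lib is disabled in /etc/firejail/firejail.config, a change not visible in this src-only diff, so a reader auditing sandbox coverage could over-read the number. A comment above the printf would make that explicit: `// counts private-lib lines in profiles; the feature can be turned off globally in firejail.config`.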