diff --git a/usr/lib/permission-hardener.d/25_default_sudo.conf b/usr/lib/permission-hardener.d/25_default_sudo.conf
index 74aedca..e575449 100644
--- a/usr/lib/permission-hardener.d/25_default_sudo.conf
+++ b/usr/lib/permission-hardener.d/25_default_sudo.conf
@@ -17,4 +17,3 @@
 ## compromised network-facing daemon (such as web servers, time synchronization daemons,
 ## etc.) running as its own user from exploiting sudo to escalate privileges.
 #/usr/bin/sudo 4750 root sudo
-#/bin/sudo 4750 root sudo
diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_bubblewrap.conf b/usr/lib/permission-hardener.d/25_default_whitelist_bubblewrap.conf
index 7c44b1a..f1e873f 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_bubblewrap.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_bubblewrap.conf
@@ -6,4 +6,3 @@
 ## configuration. When security-misc is updated, this file may be overwritten.
 /usr/bin/bwrap exactwhitelist
-/bin/bwrap exactwhitelist
diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_mount.conf b/usr/lib/permission-hardener.d/25_default_whitelist_mount.conf
index bf86ba9..ac5e9d1 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_mount.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_mount.conf
@@ -8,14 +8,10 @@
 ## https://forums.whonix.org/t/disable-suid-binaries/7706/61
 ## Protect from 'chmod -x' (and SUID removal).
 ## SUID will be removed below in separate step.
-/bin/mount exactwhitelist
 /usr/bin/mount exactwhitelist
-/bin/umount exactwhitelist
 /usr/bin/umount exactwhitelist
 ## Remove SUID from 'mount' but keep executable.
 ## https://forums.whonix.org/t/disable-suid-binaries/7706/61
-/bin/mount 755 root root
 /usr/bin/mount 755 root root
-/bin/umount 755 root root
 /usr/bin/umount 755 root root
diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_passwd.conf b/usr/lib/permission-hardener.d/25_default_whitelist_passwd.conf
index 5432fa1..87f4f1e 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_passwd.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_passwd.conf
@@ -14,4 +14,3 @@
 /usr/bin/passwd exactwhitelist
 /bin/passwd exactwhitelist
 /usr/bin/passwd 0755 root root
-/bin/passwd 0755 root root
diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_policykit.conf b/usr/lib/permission-hardener.d/25_default_whitelist_policykit.conf
index beb7531..8133fab 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_policykit.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_policykit.conf
@@ -6,9 +6,7 @@
 ## configuration. When security-misc is updated, this file may be overwritten.
 /usr/bin/pkexec exactwhitelist
-/bin/pkexec exactwhitelist
 /usr/bin/pkexec.security-misc-orig exactwhitelist
-/bin/pkexec.security-misc-orig exactwhitelist
 ## TODO: research
 ## match both:
diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_sudo.conf b/usr/lib/permission-hardener.d/25_default_whitelist_sudo.conf
index a68564d..ee68aba 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_sudo.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_sudo.conf
@@ -6,4 +6,3 @@
 ## configuration. When security-misc is updated, this file may be overwritten.
 /usr/bin/sudo exactwhitelist
-/bin/sudo exactwhitelist
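Review bot: In 25_default_whitelist_passwd.conf the context line `/bin/passwd exactwhitelist` stays while `/bin/passwd 0755 root root` is removed, so among the files shown this is the only one that still carries a `/bin/` entry. If the intent is to drop the `/bin/` duplicates everywhere, that line should be removed as well; if it is kept deliberately, a `##` comment explaining why would avoid it looking like an oversight. The removals as a whole appear to assume that `/bin` resolves to `/usr/bin`; if `/bin` is a real directory on any supported system, `/bin/mount` and `/bin/umount` would no longer be matched by the `755 root root` entries in 25_default_whitelist_mount.conf and would keep whatever mode they ship with. Recording that assumption once, for example `## /bin paths are omitted because /bin is expected to be a symlink to /usr/bin.`, would make the coverage explicit for anyone auditing these files.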