Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2024-12-25 21:49:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

suid /usr/bin/firejail whitelist

Browse Source 
There is a controversy about firejail but those who choose to install it
should be able to use it.
https://www.whonix.org/wiki/Dev/Firejail#Security
This commit is contained in:
Patrick Schleizer 2019-12-20 12:50:35 -05:00
parent d3f16a5bf4
commit 3fab387669
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etc/permission-hardening.d/30_default.conf
View File

@ -24,6 +24,11 @@
/usr/lib/spice-gtk/spice-client-glib-usb-acl-helper whitelist /usr/lib/spice-gtk/spice-client-glib-usb-acl-helper whitelist
/usr/lib/x86_64-linux-gnu/utempter/utempter whitelist /usr/lib/x86_64-linux-gnu/utempter/utempter whitelist
## There is a controversy about firejail but those who choose to install it
## should be able to use it.
## https://www.whonix.org/wiki/Dev/Firejail#Security
/usr/bin/firejail whitelist
## TODO: research ## TODO: research
## https://github.com/QubesOS/qubes-core-agent-linux/blob/master/qubes-rpc/qfile-unpacker.c ## https://github.com/QubesOS/qubes-core-agent-linux/blob/master/qubes-rpc/qfile-unpacker.c
/usr/lib/qubes/qfile-unpacker whitelist /usr/lib/qubes/qfile-unpacker whitelist