From 51decff2fd48c2437b08136e97d4211e5eaccd89 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Sun, 5 Nov 2023 16:03:36 -0500
Subject: [PATCH] exclude qfile-unpacker from permission hardener

---
 etc/permission-hardening.d/25_default_whitelist_qubes.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/etc/permission-hardening.d/25_default_whitelist_qubes.conf b/etc/permission-hardening.d/25_default_whitelist_qubes.conf
index bb6e951..24b6185 100644
--- a/etc/permission-hardening.d/25_default_whitelist_qubes.conf
+++ b/etc/permission-hardening.d/25_default_whitelist_qubes.conf
@@ -7,7 +7,8 @@
 
 ## TODO: research
 ## https://github.com/QubesOS/qubes-core-agent-linux/blob/master/qubes-rpc/qfile-unpacker.c
+## https://github.com/QubesOS/qubes-issues/issues/8633
 ## match both:
 #/usr/lib/qubes/qfile-unpacker whitelist
 #/lib/qubes/qfile-unpacker
-/qubes/qfile-unpacker matchwhitelist
+qfile-unpacker matchwhitelist