suid utempter/utempter matchwhitelist

to cover both:

/usr/lib/x86_64-linux-gnu/utempter/utempter
/lib/x86_64-linux-gnu/utempter/utempter
This commit is contained in:
Patrick Schleizer 2019-12-22 18:56:36 -05:00
parent 9409209b48
commit 6eb8fd257a
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48

View File

@ -26,7 +26,6 @@
/usr/lib/policykit-1/polkit-agent-helper-1 whitelist
/usr/lib/dbus-1.0/dbus-daemon-launch-helper whitelist
/usr/lib/spice-gtk/spice-client-glib-usb-acl-helper whitelist
/usr/lib/x86_64-linux-gnu/utempter/utempter whitelist
/usr/lib/chromium/chrome-sandbox whitelist
## There is a controversy about firejail but those who choose to install it
@ -55,6 +54,7 @@
## TODO: white spaces inside file name untested
/usr/lib/virtualbox/ matchwhitelist
/utempter/utempter matchwhitelist
######################################################################
# Permission Hardening