cover more folders in /usr/local

This commit is contained in:
Patrick Schleizer 2020-12-06 04:15:52 -05:00
parent 5bd267d774
commit b2b614ed2a
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48

View File

@ -81,28 +81,35 @@
## Remove all SUID/SGID binaries/libraries.
/bin/ nosuid
/usr/bin/ nosuid
/usr/local/bin/ nosuid
/sbin/ nosuid
/usr/bin/ nosuid
/usr/local/usr/bin/ nosuid
/usr/sbin/ nosuid
/sbin/ nosuid
/usr/local/sbin/ nosuid
/lib/ nosuid
/lib32/ nosuid
/lib64/ nosuid
/usr/sbin/ nosuid
/usr/local/usr/sbin/ nosuid
/usr/lib/ nosuid
/lib/ nosuid
/usr/local/lib/ nosuid
/usr/lib32/ nosuid
/lib32/ nosuid
/usr/local/lib32/ nosuid
/usr/lib64/ nosuid
/lib64/ nosuid
/usr/local/lib64/ nosuid
/usr/lib/ nosuid
/usr/local/usr/lib/ nosuid
/usr/lib32/ nosuid
/usr/local/usr/lib32/ nosuid
/usr/lib64/ nosuid
/usr/local/usr/lib64/ nosuid
## https://forums.whonix.org/t/suid-disabler-and-permission-hardener/7706/68
/opt/ nosuid
/usr/local/opt/ nosuid