From cf07e977bd6697af7a4326d7705447d500d35593 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@riseup.net>
Date: Sun, 29 Nov 2020 09:09:42 -0500
Subject: [PATCH] add `/bin/pkexec exactwhitelist` for consistency

since there is already `/usr/bin/pkexec exactwhitelist`
---
 etc/permission-hardening.d/30_default.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/etc/permission-hardening.d/30_default.conf b/etc/permission-hardening.d/30_default.conf
index a4547d0..7684cc9 100644
--- a/etc/permission-hardening.d/30_default.conf
+++ b/etc/permission-hardening.d/30_default.conf
@@ -42,7 +42,9 @@
 /usr/lib/chromium/chrome-sandbox exactwhitelist
 
 /usr/bin/pkexec exactwhitelist
+/bin/pkexec exactwhitelist
 /usr/bin/pkexec.security-misc-orig exactwhitelist
+/bin/pkexec.security-misc-orig exactwhitelist
 
 ## https://forums.whonix.org/t/disable-suid-binaries/7706/61
 ## Protect from 'chmod -x' (and SUID removal).