## Copyright (C) 2012 - 2024 ENCRYPTED SUPPORT LP ## See the file COPYING for copying conditions. ## Please use "/etc/permission-hardener.d/20_user.conf" or ## "/usr/local/etc/permission-hardener.d/20_user.conf" for your custom ## configuration. When security-misc is updated, this file may be overwritten. ## TODO: research ## https://github.com/QubesOS/qubes-core-agent-linux/blob/master/qubes-rpc/qfile-unpacker.c ## ## Qubes upstream security issue: ## qfile-unpacker allows unprivileged users in VMs to gain root privileges ## https://github.com/QubesOS/qubes-issues/issues/8633 ## ## match both: #/usr/lib/qubes/qfile-unpacker whitelist #/lib/qubes/qfile-unpacker qfile-unpacker matchwhitelist