From 1c059149c3cbab2b679065dcc96ea261634b4360 Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann"
Date: Fri, 13 Sep 2024 08:50:32 +0000
Subject: [PATCH] profiles: evolution: add /tmp/evolution-* & disable private-tmp (#6469)

These paths are apparently used for attachments. Disable private-tmp to make it easier to open attachments with external programs. Relates to #5101.
Reported-by: @githlp
Suggested-by: @rusty-snake
---
 etc/inc/disable-programs.inc | 1 +
 etc/profile-a-l/evolution.profile | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index a233eaca1..371680b7b 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -1262,6 +1262,7 @@ blacklist ${RUNUSER}/qutebrowser
 blacklist /etc/ssmtp
 blacklist /tmp/.wine-*
 blacklist /tmp/akonadi-*
+blacklist /tmp/evolution-*
 blacklist /tmp/i3-*
 blacklist /tmp/lwjgl_*
 blacklist /var/games/nethack
diff --git a/etc/profile-a-l/evolution.profile b/etc/profile-a-l/evolution.profile
index 517bb6206..e703938eb 100644
--- a/etc/profile-a-l/evolution.profile
+++ b/etc/profile-a-l/evolution.profile
@@ -6,6 +6,7 @@ include evolution.local
 # Persistent global definitions
 include globals.local
+noblacklist /tmp/evolution-*
 noblacklist /var/mail
 noblacklist /var/spool/mail
 noblacklist ${HOME}/.bogofilter
@@ -41,7 +42,7 @@ protocol unix,inet,inet6
 seccomp
 private-dev
-private-tmp
+#private-tmp
 writable-var
 restrict-namespaces
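Review bot: The `#private-tmp` line in the last hunk of evolution.profile is commented out with no explanation in the profile itself; the reason (opening attachments with external programs) is recorded only in the commit message. With private-tmp off, the mail client shares the host's /tmp rather than getting its own, so the only /tmp restrictions left are whatever blacklist entries the profile pulls in through its includes, which are not visible in this hunk. I would put a comment directly above the line, for example `# private-tmp hides /tmp/evolution-* attachments from external programs (see #5101); re-enable in evolution.local if not needed`. That way a user who never opens attachments externally knows the stricter setting is safe to restore. The profile continues before and after this hunk, so any existing note elsewhere in the file should be checked first.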