Expose /tmp/.X11-unix as read-only as per Issue #2269

ಚಿರಾಗ್ ನಟರಾಜ್ 2019-05-19 22:56:36 +00:00
parent d01b93bbbd
commit feae44c4ff
No known key found for this signature in database
GPG key ID: 39003804B4CBF3F6


@ -1519,6 +1519,8 @@ void fs_private_tmp(void) {
// whitelist x11 directory
profile_add("whitelist /tmp/.X11-unix");
// read-only x11 directory
profile_add("read-only /tmp/.X11-unix");
// whitelist any pulse* file in /tmp directory
// some distros use PulseAudio sockets under /tmp instead of the socket in /urn/user
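Review bot: The added comment `// read-only x11 directory` only repeats the directive and may read as stronger isolation than the mount provides. A read-only mount stops the sandboxed process from creating, removing or replacing entries under /tmp/.X11-unix, but to my knowledge it does not block connect() on the existing socket, so the display server stays reachable from a private-tmp sandbox and X11 isolation still depends on the separate x11 options. I would state that in the comment, for example `// read-only: the sandbox cannot delete or replace the X11 socket (#2269); connecting to it is still possible`. The `read-only` entry follows the `whitelist` entry for the same path, presumably so that it applies to the whitelisted mount; if that order matters it is worth saying so next to the two calls. The body of fs_private_tmp starts and ends outside the hunk, so how these entries are processed is not visible here.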