[PR #6361] [MERGED] profiles: blacklist i3 IPC socket & dir except for i3 itself #5978

New issue

Closed

opened 2026-05-05 10:48:28 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 10:48:28 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/netblue30/firejail/pull/6361
Author: @smheidrich
Created: 5/26/2024
Status: ✅ Merged
Merged: 6/8/2024
Merged by: @undefined

Base: master ← Head: blacklist-i3-ipc-socket

📝 Commits (1)

87317dd profiles: blacklist i3 IPC socket & dir except for i3 itself

📊 Changes

3 files changed (+10 additions, -0 deletions)

View changed files

📝 etc/inc/disable-common.inc (+4 -0)
📝 etc/inc/disable-programs.inc (+2 -0)
📝 etc/profile-a-l/i3.profile (+4 -0)

📄 Description

This closes the escape route discussed in https://github.com/netblue30/firejail/discussions/6357.

It's left open for i3's own profile, so that people who run i3 itself sandboxed still have the option to use IPC with it at all.

Reference for file paths: https://i3wm.org/docs/userguide.html#_interprocess_communication

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/netblue30/firejail/pull/6361 **Author:** [@smheidrich](https://github.com/smheidrich) **Created:** 5/26/2024 **Status:** ✅ Merged **Merged:** 6/8/2024 **Merged by:** [@undefined](undefined) **Base:** `master` ← **Head:** `blacklist-i3-ipc-socket` --- ### 📝 Commits (1) - [`87317dd`](https://github.com/netblue30/firejail/commit/87317dd14ff2b451705dc2d477180999b32c8423) profiles: blacklist i3 IPC socket & dir except for i3 itself ### 📊 Changes **3 files changed** (+10 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `etc/inc/disable-common.inc` (+4 -0) 📝 `etc/inc/disable-programs.inc` (+2 -0) 📝 `etc/profile-a-l/i3.profile` (+4 -0) </details> ### 📄 Description This closes the escape route discussed in https://github.com/netblue30/firejail/discussions/6357. It's left open for i3's own profile, so that people who run i3 itself sandboxed still have the option to use IPC with it at all. Reference for file paths: https://i3wm.org/docs/userguide.html#_interprocess_communication --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

gitea-mirror

2026-05-05 10:48:28 -06:00

closed this issue
added the
pull-request
label

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#5978

No description provided.

Rows
Columns