disable-common.inc: move blacklist of /etc/profile.d

To disable-shell.inc. Interactive shells can be executed from certain development-related programs (such as IDEs) and the shells themselves are not blocked by default, but this shell startup directory currently is. To avoid running a shell without access to potentially needed startup files, only blacklist /etc/profile.d when interactive shells are also blocked. Note that /etc/profile.d should only be of concern to interactive shells, so a profile that includes both disable-shell.inc and allow-bin-sh.inc (which likely means that it needs access to only non-interactive shells) should not be affected by the blacklisting. Relates to netblue30#3411 netblue30#5159.
kmk3 · May 30, 2022 · 66dc264 · 66dc264
1 parent c7fde57
commit 66dc264
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 2 deletions.
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
@@ -261,7 +261,6 @@ blacklist /etc/grub*
 blacklist /etc/kernel*
 blacklist /etc/logrotate*
 blacklist /etc/modules*
-blacklist /etc/profile.d
 blacklist /etc/rc.local
 # rc1.d, rc2.d, ...
 blacklist /etc/rc?.d

diff --git a/etc/inc/disable-shell.inc b/etc/inc/disable-shell.inc
@@ -13,3 +13,4 @@ blacklist ${PATH}/sh
 blacklist ${PATH}/tclsh
 blacklist ${PATH}/tcsh
 blacklist ${PATH}/zsh
+blacklist /etc/profile.d
diff --git a/etc/profile-a-l/kate.profile b/etc/profile-a-l/kate.profile
@@ -23,7 +23,6 @@ noblacklist ${HOME}/.local/share/kxmlgui5/kateopenheaderplugin
 noblacklist ${HOME}/.local/share/kxmlgui5/katepart
 noblacklist ${HOME}/.local/share/kxmlgui5/kateproject
 noblacklist ${HOME}/.local/share/kxmlgui5/katesearch
-noblacklist /etc/profile.d
 
 # Allows files commonly used by IDEs
 include allow-common-devel.inc