Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

text-editors: cannot access all text files in the user home #6002

Closed
ilikenwf opened this issue Sep 13, 2023 · 2 comments · Fixed by #6477
Closed

text-editors: cannot access all text files in the user home #6002

ilikenwf opened this issue Sep 13, 2023 · 2 comments · Fixed by #6477
Labels
firecfg Anything related to firecfg and not firejail itself

Comments

@ilikenwf
Copy link
Contributor

Sometimes, packages require edits, sometimes those are larger than I'd prefer to use with vim.

I question the use in even firejailing geany at this point, though...
@glitsj16
Copy link
Collaborator

~/.cache/yay isn't blacklisted anywhere AFAICT, so a noblacklist on that path won't do anything. Probably the private-cache in geany.profile needs to be ignored to do what you want.

I question the use in even firejailing geany at this point, though...

I can see why you'd question this, IMO rightly so. If memory serves we've discussed dropping GUI editors from being auto-firejailed via firecfg at some point. Can't track any references on the topic right now but we might have to reconsider it - again...

@kmk3 kmk3 added the needinfo More information is needed from the issue author label Sep 14, 2024
@kmk3 kmk3 changed the title Even if I add "noblacklist" to allow-common-devel.local, .cache/yay/* is still disabled for IDEs like geany geany: cannot access ~/.cache/yay Sep 14, 2024
@kmk3 kmk3 removed the needinfo More information is needed from the issue author label Sep 14, 2024
kmk3 added a commit to kmk3/firejail that referenced this issue Sep 14, 2024
@kmk3
profiles: firecfg: disable text editors
1e7b36f 
Disable common general-purpose text editors.

They are likely to be the default OS text editor and users may want to
use them for editing most/all files, which could include common
sensitive files such as ~/.bashrc and profiles in ~/.config/firejail.

Fixes netblue30#6002.

Reported-by: @ilikenwf
@kmk3 kmk3 mentioned this issue Sep 14, 2024
Merged
@kmk3
Copy link
Collaborator

kmk3 commented Sep 14, 2024

Relates to:

@kmk3 kmk3 added the firecfg Anything related to firecfg and not firejail itself label Sep 14, 2024
@kmk3 kmk3 changed the title geany: cannot access ~/.cache/yay text-editors: cannot access all files in the user home Sep 15, 2024
@kmk3 kmk3 changed the title text-editors: cannot access all files in the user home text-editors: cannot access all text files in the user home Sep 15, 2024
kmk3 added a commit to kmk3/firejail that referenced this issue Sep 16, 2024
@kmk3
profiles: firecfg: disable text editors
0944ef0 
Disable common general-purpose text editors.

They are likely to be the default OS text editor and users may want to
use them for editing most/all files, which could include common
sensitive files such as ~/.bashrc and profiles in ~/.config/firejail.

Fixes netblue30#6002.

Reported-by: @ilikenwf
kmk3 added a commit to kmk3/firejail that referenced this issue Sep 19, 2024
@kmk3
profiles: firecfg: disable text editors
b13975f 
Disable common general-purpose text editors.

They are likely to be the default OS text editor and users may want to
use them for editing most/all files, which could include common
sensitive files such as ~/.bashrc and profiles in ~/.config/firejail.

Fixes netblue30#6002.

Reported-by: @ilikenwf
kmk3 added a commit to kmk3/firejail that referenced this issue Sep 19, 2024
@kmk3
profiles: firecfg: disable text editors
07ea54c 
Disable common general-purpose text editors.

They are likely to be the default OS text editor and users may want to
use them for editing most/all files, which could include common
sensitive files such as ~/.bashrc and profiles in ~/.config/firejail.

Fixes netblue30#6002.

Reported-by: @ilikenwf
kmk3 added a commit to kmk3/firejail that referenced this issue Sep 19, 2024
@kmk3
profiles: firecfg: disable text editors
f1365a8 
Disable common general-purpose text editors.

They are likely to be the default OS text editor and users may want to
use them for editing most/all files, which could include common
sensitive files such as ~/.bashrc and profiles in ~/.config/firejail.

Fixes netblue30#6002.

Relates to netblue30#924 netblue30#941 netblue30#1154.

Reported-by: @ilikenwf
kmk3 added a commit that referenced this issue Sep 19, 2024
@kmk3
profiles: firecfg: disable text editors (#6477)
bd8ed0b 
Disable common general-purpose text editors.

They are likely to be the default OS text editor and users may want to
use them for editing most/all files, which could include common
sensitive files such as ~/.bashrc and profiles in ~/.config/firejail.

Fixes #6002.

Relates to #924 #941 #1154.

Reported-by: @ilikenwf
kmk3 added a commit that referenced this issue Sep 19, 2024
@kmk3
RELNOTES: add profile items
1b2d18e 
Relates to #5816 #5877 #6002 #6477 #6478 #6479.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
firecfg Anything related to firecfg and not firejail itself
Projects
Release 0.9.74
Status: Done (on RELNOTES)
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

profiles: firecfg: disable text editors kmk3/firejail
3 participants
@ilikenwf @glitsj16 @kmk3