Control: forward -1 https://github.com/netblue30/firejail/issues/4026 Control: severity -1 normal
Hi Vincent,
On Tue, Mar 02, 2021 at 12:22:09AM +0100, Vincent Lefevre wrote:
> This is misused in the case of a private home directory. This rule
> should apply against the original home directory, not the private
> home directory.
>
> The same should apply to all the other "read-only ${HOME}/..." rules
> as well.
I've raised the question upstream what the intended behaviour of ${HOME}
is, whether is should apply to the private home as well or not.
I can imagine that one would also be interested in having ${HOME} rules
apply to the private directory. You could still have sensitive files
inside a private home directory that you want to protect from
processes running in there.
Kind regards,
Reiner
signature.asc
Description: PGP signature
