New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
does not cover /usr/local/etc #30
Comments
I think you're saying Whonix needs this whitelisted by default? |
No. While some Whonix packages parse that folder by default, nothing is
using it by default. Only users could put configuration files there if
they don't want to add them in TemplateVM.
Files there should be seen as potential malware hooks unless somehow (I
don't fully understand all yet) whitelisted by the user.
|
According to the threat model (malware being added to /rw in template-based appvm) we're really talking about /rw/usrlocal which is one of the three /rw dirs that are sanitized by default. |
Alright, therefore invalid bug report.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Whonix makes extensive use of /usr/local/etc (/usr/local is stored in /rw). (I find that folder closer to FHS than inventing /rw/config.)
The text was updated successfully, but these errors were encountered: