Expand the directories that are possible for whitelisting

[pepa65]

Currently only $HOME, /dev, /media, /opt, /var, and /tmp can be used for whitelisting. It would be very helpful there could be an option to include other directories.

Or if that is too cumbersome, perhaps could you allow for /data/ to be whitelisted?? I noticed one other person wanting to use that particular directory.

[netblue30]

Some other directories are covered by --private options:

--private-bin: handles /bin, /sbin, /usr/bin, /usr/sbin, /usr/local/bin, /usr/local/sbin

--private-etc: /etc

What other directory do you have in mind?

[pepa65]

/data
Sorry if it's not POSIX compliant... Otherwise I have to manually remove/modify a lot of whitelists in de default configs. But if you had a generic way of allowing people to choose, you wouldn't need to respond to every new request from erratic users. :-)

[netblue30]

No problem, it can definitely be done in a generic way. I also have a similar request for /lib and /usr/lib and such.

So, I will bring in a generic whitelist for any directory under /, and private-lib support.

[msva]

@netblue30,

I will bring in a generic whitelist for any directory under /

I'd VERY like to finally see that ASAP (and same for mkdir too)! 😀

Is it something that blocks you from doing that? Or, will you, at least, accept a PR with such modifications?

[chiraag-nataraj]

Let's move this to #2041, since private-lib has been added, but generic whitelist has not (yet) made it in.