aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2020-03-16 15:55:52 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2020-03-16 15:55:52 -0400
commitb7e4f402f4102b105ac428fe0b2f615431388477 (patch)
treefa1f2cd7d2404f9978999c3c5b19d419ac731bea
parentsome profile hardening (diff)
downloadfirejail-b7e4f402f4102b105ac428fe0b2f615431388477.tar.gz
firejail-b7e4f402f4102b105ac428fe0b2f615431388477.tar.zst
firejail-b7e4f402f4102b105ac428fe0b2f615431388477.zip
profile fixes
Diffstat
-rw-r--r--etc/2048-qt.profile2
-rw-r--r--etc/calibre.profile1
-rw-r--r--etc/dia.profile2
-rw-r--r--etc/handbrake.profile1
-rw-r--r--etc/mate-calc.profile1
-rw-r--r--etc/midori.profile1
-rw-r--r--etc/mplayer.profile2
-rw-r--r--etc/musescore.profile1
-rw-r--r--etc/qpdfview.profile1
-rw-r--r--etc/scribus.profile1
-rw-r--r--etc/sol.profile1
-rw-r--r--etc/tcpdump.profile1
-rw-r--r--etc/warzone2100.profile1
-rw-r--r--etc/xpdf.profile3
14 files changed, 18 insertions, 1 deletions
diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile
index 2347039a6..95d482c22 100644
--- a/etc/2048-qt.profile
+++ b/etc/2048-qt.profile
@@ -23,7 +23,9 @@ whitelist ${HOME}/.config/xiaoyong
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-var-common.inc 24include whitelist-var-common.inc
25 25
26apparmor
26caps.drop all 27caps.drop all
28net none
27netfilter 29netfilter
28nodvd 30nodvd
29nogroups 31nogroups
diff --git a/etc/calibre.profile b/etc/calibre.profile
index ad6f0aa0d..d17cfa85f 100644
--- a/etc/calibre.profile
+++ b/etc/calibre.profile
@@ -19,6 +19,7 @@ include disable-xdg.inc
19 19
20include whitelist-var-common.inc 20include whitelist-var-common.inc
21 21
22apparmor
22caps.drop all 23caps.drop all
23netfilter 24netfilter
24nodvd 25nodvd
diff --git a/etc/dia.profile b/etc/dia.profile
index bd79797b7..0bfc249fa 100644
--- a/etc/dia.profile
+++ b/etc/dia.profile
@@ -18,7 +18,9 @@ include disable-interpreters.inc
18include disable-passwdmgr.inc 18include disable-passwdmgr.inc
19include disable-programs.inc 19include disable-programs.inc
20include disable-xdg.inc 20include disable-xdg.inc
21include whitelist-var-common.inc
21 22
23apparmor
22caps.drop all 24caps.drop all
23net none 25net none
24no3d 26no3d
diff --git a/etc/handbrake.profile b/etc/handbrake.profile
index 324c629e3..5b51bd03c 100644
--- a/etc/handbrake.profile
+++ b/etc/handbrake.profile
@@ -22,6 +22,7 @@ include whitelist-var-common.inc
22 22
23apparmor 23apparmor
24caps.drop all 24caps.drop all
25net none
25netfilter 26netfilter
26nodbus 27nodbus
27nogroups 28nogroups
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile
index 966aa0a13..8bd62ae0b 100644
--- a/etc/mate-calc.profile
+++ b/etc/mate-calc.profile
@@ -22,6 +22,7 @@ whitelist ${HOME}/.cache/mate-calc
22whitelist ${HOME}/.config/caja 22whitelist ${HOME}/.config/caja
23whitelist ${HOME}/.config/mate-menu 23whitelist ${HOME}/.config/mate-menu
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-var-common.inc
25 26
26apparmor 27apparmor
27caps.drop all 28caps.drop all
diff --git a/etc/midori.profile b/etc/midori.profile
index 648ce7738..e15259608 100644
--- a/etc/midori.profile
+++ b/etc/midori.profile
@@ -48,6 +48,7 @@ whitelist ${HOME}/.local/share/webkitgtk
48whitelist ${HOME}/.pki 48whitelist ${HOME}/.pki
49whitelist ${HOME}/.local/share/pki 49whitelist ${HOME}/.local/share/pki
50include whitelist-common.inc 50include whitelist-common.inc
51include whitelist-var-common.inc
51 52
52apparmor 53apparmor
53caps.drop all 54caps.drop all
diff --git a/etc/mplayer.profile b/etc/mplayer.profile
index 9ab4f8c7f..82877d9d4 100644
--- a/etc/mplayer.profile
+++ b/etc/mplayer.profile
@@ -21,7 +21,9 @@ include disable-xdg.inc
21include whitelist-usr-share-common.inc 21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
24apparmor
24caps.drop all 25caps.drop all
26net none
25netfilter 27netfilter
26# nogroups 28# nogroups
27nonewprivs 29nonewprivs
diff --git a/etc/musescore.profile b/etc/musescore.profile
index b3693c956..679e82ae8 100644
--- a/etc/musescore.profile
+++ b/etc/musescore.profile
@@ -23,6 +23,7 @@ include disable-xdg.inc
23 23
24include whitelist-var-common.inc 24include whitelist-var-common.inc
25 25
26apparmor
26caps.drop all 27caps.drop all
27netfilter 28netfilter
28no3d 29no3d
diff --git a/etc/qpdfview.profile b/etc/qpdfview.profile
index 863f57ba4..dace1634f 100644
--- a/etc/qpdfview.profile
+++ b/etc/qpdfview.profile
@@ -20,6 +20,7 @@ include disable-xdg.inc
20 20
21include whitelist-var-common.inc 21include whitelist-var-common.inc
22 22
23apparmor
23caps.drop all 24caps.drop all
24machine-id 25machine-id
25# needs D-Bus when started from a file manager 26# needs D-Bus when started from a file manager
diff --git a/etc/scribus.profile b/etc/scribus.profile
index e20cd1b5a..e7faccea1 100644
--- a/etc/scribus.profile
+++ b/etc/scribus.profile
@@ -40,6 +40,7 @@ include disable-xdg.inc
40 40
41include whitelist-var-common.inc 41include whitelist-var-common.inc
42 42
43apparmor
43caps.drop all 44caps.drop all
44net none 45net none
45nodbus 46nodbus
diff --git a/etc/sol.profile b/etc/sol.profile
index ea1620b31..4c8fdfbb1 100644
--- a/etc/sol.profile
+++ b/etc/sol.profile
@@ -17,6 +17,7 @@ include disable-xdg.inc
17include whitelist-common.inc 17include whitelist-common.inc
18include whitelist-var-common.inc 18include whitelist-var-common.inc
19 19
20apparmor
20caps.drop all 21caps.drop all
21ipc-namespace 22ipc-namespace
22net none 23net none
diff --git a/etc/tcpdump.profile b/etc/tcpdump.profile
index 3c46dfdcb..881fbf49e 100644
--- a/etc/tcpdump.profile
+++ b/etc/tcpdump.profile
@@ -19,6 +19,7 @@ include disable-xdg.inc
19 19
20include whitelist-common.inc 20include whitelist-common.inc
21 21
22apparmor
22caps.keep net_raw 23caps.keep net_raw
23ipc-namespace 24ipc-namespace
24#net tun0 25#net tun0
diff --git a/etc/warzone2100.profile b/etc/warzone2100.profile
index e65e0a0c3..e33cace49 100644
--- a/etc/warzone2100.profile
+++ b/etc/warzone2100.profile
@@ -22,6 +22,7 @@ whitelist ${HOME}/.warzone2100-3.2
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
25apparmor
25caps.drop all 26caps.drop all
26netfilter 27netfilter
27nodvd 28nodvd
diff --git a/etc/xpdf.profile b/etc/xpdf.profile
index 8c405ba1d..cb7ac4a59 100644
--- a/etc/xpdf.profile
+++ b/etc/xpdf.profile
@@ -19,6 +19,7 @@ include disable-xdg.inc
19 19
20include whitelist-var-common.inc 20include whitelist-var-common.inc
21 21
22apparmor
22caps.drop all 23caps.drop all
23machine-id 24machine-id
24net none 25net none
@@ -38,4 +39,4 @@ shell none
38 39
39private-dev 40private-dev
40private-tmp 41private-tmp
41 42memory-deny-write-execute
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-09 00:03:19 +0000