diff options
| author |  rusty-snake <print_hello_world+Public@protonmail.com> | 2020-03-19 19:19:52 +0100 |
|---|---|---|
| committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-03-19 19:19:52 +0100 |
| commit | dd8c7d1ea1db204908a8310f340f7600111d416e (patch) | |
| tree | 9cc298450e0c49e45ba8f8c59dd852486f656936 | |
| parent | harden baobab and gitg (diff) | |
| download | firejail-dd8c7d1ea1db204908a8310f340f7600111d416e.tar.gz firejail-dd8c7d1ea1db204908a8310f340f7600111d416e.tar.zst firejail-dd8c7d1ea1db204908a8310f340f7600111d416e.zip | |
extend default.profile
| -rw-r--r-- | etc/default.profile | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/etc/default.profile b/etc/default.profile index 95a6e8095..7731b6e00 100644 --- a/etc/default.profile +++ b/etc/default.profile | |||
| @@ -16,6 +16,11 @@ include disable-passwdmgr.inc | |||
| 16 | include disable-programs.inc | 16 | include disable-programs.inc |
| 17 | # include disable-xdg.inc | 17 | # include disable-xdg.inc |
| 18 | 18 | ||
| 19 | # include whitelist-common.inc | ||
| 20 | # include whitelist-usr-share-common.inc | ||
| 21 | # include whitelist-runuser-common.inc | ||
| 22 | # include whitelist-var-common.inc | ||
| 23 | |||
| 19 | # apparmor | 24 | # apparmor |
| 20 | caps.drop all | 25 | caps.drop all |
| 21 | # ipc-namespace | 26 | # ipc-namespace |
| @@ -42,8 +47,11 @@ seccomp | |||
| 42 | # private-bin program | 47 | # private-bin program |
| 43 | # private-cache | 48 | # private-cache |
| 44 | # private-dev | 49 | # private-dev |
| 45 | # private-etc alternatives | 50 | # see /usr/share/doc/firejail/profile.template for more common private-etc paths. |
| 51 | # private-etc alternatives,fonts,machine-id | ||
| 46 | # private-lib | 52 | # private-lib |
| 53 | # private-opt none | ||
| 47 | # private-tmp | 54 | # private-tmp |
| 48 | 55 | ||
| 49 | # memory-deny-write-execute | 56 | # memory-deny-write-execute |
| 57 | # read-only ${HOME} | ||