diff options
author | Vincent43 <31109921+Vincent43@users.noreply.github.com> | 2018-10-13 13:26:32 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-13 13:26:32 +0100 |
commit | af3fda6a6166c6e62eec343e96d84e8dc385e170 (patch) | |
tree | 0ef70cf7b0400b25c771a7838eb4828f10fbe894 | |
parent | Merge pull request #2186 from crass/fix-2148-always-have-helpers-in-sandbox (diff) | |
parent | Add masterpdfeditor to firecfg (diff) | |
download | firejail-af3fda6a6166c6e62eec343e96d84e8dc385e170.tar.gz firejail-af3fda6a6166c6e62eec343e96d84e8dc385e170.tar.zst firejail-af3fda6a6166c6e62eec343e96d84e8dc385e170.zip |
Merge pull request #2185 from glitsj16/masterpdfeditor
New profile masterpdfeditor
-rw-r--r-- | etc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/masterpdfeditor.profile | 50 | ||||
-rw-r--r-- | etc/masterpdfeditor4.profile | 12 | ||||
-rw-r--r-- | etc/masterpdfeditor5.profile | 12 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 2 |
5 files changed, 78 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 251362b77..0aa64fafb 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -52,6 +52,7 @@ blacklist ${HOME}/.config/Beaker Browser | |||
52 | blacklist ${HOME}/.config/Brackets | 52 | blacklist ${HOME}/.config/Brackets |
53 | blacklist ${HOME}/.config/Clementine | 53 | blacklist ${HOME}/.config/Clementine |
54 | blacklist ${HOME}/.config/Code | 54 | blacklist ${HOME}/.config/Code |
55 | blacklist ${HOME}/.config/Code Industry | ||
55 | blacklist ${HOME}/.config/Cryptocat | 56 | blacklist ${HOME}/.config/Cryptocat |
56 | blacklist ${HOME}/.config/Franz | 57 | blacklist ${HOME}/.config/Franz |
57 | blacklist ${HOME}/.config/FreeCAD | 58 | blacklist ${HOME}/.config/FreeCAD |
@@ -458,6 +459,7 @@ blacklist ${HOME}/.local/share/xplayer | |||
458 | blacklist ${HOME}/.local/share/xreader | 459 | blacklist ${HOME}/.local/share/xreader |
459 | blacklist ${HOME}/.local/share/zathura | 460 | blacklist ${HOME}/.local/share/zathura |
460 | blacklist ${HOME}/.lv2 | 461 | blacklist ${HOME}/.lv2 |
462 | blacklist ${HOME}/.masterpdfeditor | ||
461 | blacklist ${HOME}/.mcabber | 463 | blacklist ${HOME}/.mcabber |
462 | blacklist ${HOME}/.mcabberrc | 464 | blacklist ${HOME}/.mcabberrc |
463 | blacklist ${HOME}/.mediathek3 | 465 | blacklist ${HOME}/.mediathek3 |
diff --git a/etc/masterpdfeditor.profile b/etc/masterpdfeditor.profile new file mode 100644 index 000000000..cc80679fc --- /dev/null +++ b/etc/masterpdfeditor.profile | |||
@@ -0,0 +1,50 @@ | |||
1 | # Firejail profile for masterpdfeditor | ||
2 | # Description: A complete solution for creating and editing PDF files | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/masterpdfeditor.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/Code Industry | ||
10 | noblacklist ${HOME}/.masterpdfeditor | ||
11 | |||
12 | include /etc/firejail/disable-common.inc | ||
13 | include /etc/firejail/disable-devel.inc | ||
14 | include /etc/firejail/disable-interpreters.inc | ||
15 | include /etc/firejail/disable-passwdmgr.inc | ||
16 | include /etc/firejail/disable-programs.inc | ||
17 | |||
18 | include /etc/firejail/whitelist-var-common.inc | ||
19 | |||
20 | caps.drop all | ||
21 | ipc-namespace | ||
22 | machine-id | ||
23 | net none | ||
24 | no3d | ||
25 | nodbus | ||
26 | nodvd | ||
27 | nogroups | ||
28 | nonewprivs | ||
29 | noroot | ||
30 | nosound | ||
31 | notv | ||
32 | nou2f | ||
33 | novideo | ||
34 | protocol unix | ||
35 | seccomp | ||
36 | shell none | ||
37 | tracelog | ||
38 | |||
39 | # disable-mnt | ||
40 | # private | ||
41 | private-bin masterpdfeditor* | ||
42 | private-cache | ||
43 | private-dev | ||
44 | private-etc fonts | ||
45 | # private-lib | ||
46 | private-tmp | ||
47 | |||
48 | # memory-deny-write-execute | ||
49 | noexec ${HOME} | ||
50 | noexec /tmp | ||
diff --git a/etc/masterpdfeditor4.profile b/etc/masterpdfeditor4.profile new file mode 100644 index 000000000..7ab9c9421 --- /dev/null +++ b/etc/masterpdfeditor4.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Firejail profile for masterpdfeditor4 | ||
2 | # Description: A complete solution for creating and editing PDF files | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/masterpdfeditor4.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include /etc/firejail/globals.local | ||
9 | |||
10 | |||
11 | # Redirect | ||
12 | include /etc/firejail/masterpdfeditor.profile | ||
diff --git a/etc/masterpdfeditor5.profile b/etc/masterpdfeditor5.profile new file mode 100644 index 000000000..86faf5da0 --- /dev/null +++ b/etc/masterpdfeditor5.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Firejail profile for masterpdfeditor5 | ||
2 | # Description: A complete solution for creating and editing PDF files | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/masterpdfeditor5.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include /etc/firejail/globals.local | ||
9 | |||
10 | |||
11 | # Redirect | ||
12 | include /etc/firejail/masterpdfeditor.profile | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index d33ae32cc..dba078ca2 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -271,6 +271,8 @@ lximage-qt | |||
271 | lxmusic | 271 | lxmusic |
272 | lynx | 272 | lynx |
273 | macrofusion | 273 | macrofusion |
274 | masterpdfeditor4 | ||
275 | masterpdfeditor5 | ||
274 | mate-calc | 276 | mate-calc |
275 | mate-calculator | 277 | mate-calculator |
276 | mate-color-select | 278 | mate-color-select |