diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-10-06 00:37:09 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-10-06 00:37:09 +0200 |
commit | fc44a9a9e94aa83f5a919c17252de0a5c454088f (patch) | |
tree | 4ea8a25cca9f24c31bcbdc73ac9e8dea17fc5759 | |
parent | whitelist-usr-share-common.inc (#2972) (diff) | |
download | firejail-fc44a9a9e94aa83f5a919c17252de0a5c454088f.tar.gz firejail-fc44a9a9e94aa83f5a919c17252de0a5c454088f.tar.zst firejail-fc44a9a9e94aa83f5a919c17252de0a5c454088f.zip |
Wusc fixes (#2992)
* Add wusc to eom
* Fix wusc in firefox
Without access to /usr/share/ca-certificates all HTTPS traffic gets the FF dialog 'Warning: Potential Security Risk Ahead'. Probably needed in thunderbird profile too (untested).
* Fix wusc ordering in meld
Just an alphabetical ordering nitpick.
-rw-r--r-- | etc/eom.profile | 3 | ||||
-rw-r--r-- | etc/firefox.profile | 1 | ||||
-rw-r--r-- | etc/meld.profile | 6 |
3 files changed, 7 insertions, 3 deletions
diff --git a/etc/eom.profile b/etc/eom.profile index 437326d38..18b978543 100644 --- a/etc/eom.profile +++ b/etc/eom.profile | |||
@@ -8,6 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mate/eom | 9 | noblacklist ${HOME}/.config/mate/eom |
10 | 10 | ||
11 | whitelist /usr/share/eom | ||
12 | include whitelist-usr-share-common.inc | ||
13 | |||
11 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager' | 14 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager' |
12 | # comment those if you need that functionality | 15 | # comment those if you need that functionality |
13 | # or put 'ignore private-bin', 'ignore private-etc' and 'ignore private-lib' in your eom.local | 16 | # or put 'ignore private-bin', 'ignore private-etc' and 'ignore private-lib' in your eom.local |
diff --git a/etc/firefox.profile b/etc/firefox.profile index b05321ece..81db1db9b 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -14,6 +14,7 @@ mkdir ${HOME}/.mozilla | |||
14 | whitelist ${HOME}/.cache/mozilla/firefox | 14 | whitelist ${HOME}/.cache/mozilla/firefox |
15 | whitelist ${HOME}/.mozilla | 15 | whitelist ${HOME}/.mozilla |
16 | 16 | ||
17 | whitelist /usr/share/ca-certificates | ||
17 | whitelist /usr/share/mozilla | 18 | whitelist /usr/share/mozilla |
18 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
19 | 20 | ||
diff --git a/etc/meld.profile b/etc/meld.profile index 8e3668d57..22ec2b999 100644 --- a/etc/meld.profile +++ b/etc/meld.profile | |||
@@ -34,13 +34,13 @@ include disable-passwdmgr.inc | |||
34 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-programs.inc. | 34 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-programs.inc. |
35 | #include disable-programs.inc | 35 | #include disable-programs.inc |
36 | 36 | ||
37 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in /var. | ||
38 | #include whitelist-var-common.inc | ||
39 | |||
40 | # Uncomment the next lines (or put it into your meld.local) if you don't need to compare files in /usr/share. | 37 | # Uncomment the next lines (or put it into your meld.local) if you don't need to compare files in /usr/share. |
41 | #whitelist /usr/share/meld | 38 | #whitelist /usr/share/meld |
42 | #include whitelist-usr-share-common.inc | 39 | #include whitelist-usr-share-common.inc |
43 | 40 | ||
41 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in /var. | ||
42 | #include whitelist-var-common.inc | ||
43 | |||
44 | apparmor | 44 | apparmor |
45 | caps.drop all | 45 | caps.drop all |
46 | ipc-namespace | 46 | ipc-namespace |