diff options
author | smitsohu <smitsohu@gmail.com> | 2018-02-11 14:44:49 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-11 14:44:49 +0100 |
commit | 470dc711ed1acc9c2fc3059d9d399ff390a0bacf (patch) | |
tree | 417b60d2e39db7bd60c7b137c9105382a47e2724 | |
parent | Fix soundconverter not launching and audacity error popup (diff) | |
parent | keep remmina seccomp whitelist opt-in (diff) | |
download | firejail-470dc711ed1acc9c2fc3059d9d399ff390a0bacf.tar.gz firejail-470dc711ed1acc9c2fc3059d9d399ff390a0bacf.tar.zst firejail-470dc711ed1acc9c2fc3059d9d399ff390a0bacf.zip |
Merge pull request #1764 from jelford/remmina_seccomp
Add seccomp filters for remmina, from an strace session connecting via RDP
-rw-r--r-- | etc/remmina.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/remmina.profile b/etc/remmina.profile index f6738b7d5..cc209b84a 100644 --- a/etc/remmina.profile +++ b/etc/remmina.profile | |||
@@ -24,6 +24,7 @@ notv | |||
24 | novideo | 24 | novideo |
25 | protocol unix,inet,inet6 | 25 | protocol unix,inet,inet6 |
26 | seccomp | 26 | seccomp |
27 | # seccomp.keep access,arch_prctl,brk,chmod,clock_getres,clock_gettime,clone,close,connect,dup3,eventfd2,execve,fadvise64,fallocate,fcntl,flock,fstat,fstatfs,fsync,ftruncate,futex,getdents,getegid,geteuid,getgid,getpeername,getpid,getrandom,getresgid,getresuid,getsockname,getsockopt,gettid,getuid,inotify_add_watch,inotify_init1,inotify_rm_watch,ioctl,lseek,lstat,madvise,memfd_create,mmap,mprotect,mremap,munmap,nanosleep,open,openat,pipe,pipe2,poll,prctl,prlimit64,pwrite64,read,readlink,recvfrom,recvmsg,rename,rt_sigaction,rt_sigprocmask,sendmmsg,sendmsg,sendto,set_robust_list,setsockopt,set_tid_address,shmat,shmctl,shmdt,shmget,shutdown,socket,stat,statfs,sysinfo,tgkill,uname,utimensat,write,writev | ||
27 | shell none | 28 | shell none |
28 | 29 | ||
29 | private-dev | 30 | private-dev |