diff options
author | valoq <valoq@mailbox.org> | 2016-12-21 11:39:14 +0100 |
---|---|---|
committer | valoq <valoq@mailbox.org> | 2016-12-21 11:39:14 +0100 |
commit | 4ed9a798064610c86cd9167fb098969dd6665b8f (patch) | |
tree | 1849ee71e359e69c7f7b6ca3b0bd0e3df8c44bc9 | |
parent | profile improvements (diff) | |
download | firejail-4ed9a798064610c86cd9167fb098969dd6665b8f.tar.gz firejail-4ed9a798064610c86cd9167fb098969dd6665b8f.tar.zst firejail-4ed9a798064610c86cd9167fb098969dd6665b8f.zip |
more profile improvements
-rw-r--r-- | etc/elinks.profile | 3 | ||||
-rw-r--r-- | etc/highlight.profile | 4 | ||||
-rw-r--r-- | etc/lynx.profile | 3 | ||||
-rw-r--r-- | etc/mediainfo.profile | 3 | ||||
-rw-r--r-- | etc/w3m.profile | 3 |
5 files changed, 16 insertions, 0 deletions
diff --git a/etc/elinks.profile b/etc/elinks.profile index df817ea56..ade15f203 100644 --- a/etc/elinks.profile +++ b/etc/elinks.profile | |||
@@ -11,12 +11,15 @@ nogroups | |||
11 | nonewprivs | 11 | nonewprivs |
12 | noroot | 12 | noroot |
13 | nosound | 13 | nosound |
14 | no3d | ||
14 | protocol unix,inet,inet6 | 15 | protocol unix,inet,inet6 |
15 | seccomp | 16 | seccomp |
16 | netfilter | 17 | netfilter |
17 | shell none | 18 | shell none |
18 | tracelog | 19 | tracelog |
19 | 20 | ||
21 | blacklist /tmp/.X11-unix | ||
22 | |||
20 | # private-bin elinks | 23 | # private-bin elinks |
21 | private-tmp | 24 | private-tmp |
22 | private-dev | 25 | private-dev |
diff --git a/etc/highlight.profile b/etc/highlight.profile index f95f3924a..4bab18349 100644 --- a/etc/highlight.profile +++ b/etc/highlight.profile | |||
@@ -13,10 +13,14 @@ protocol unix | |||
13 | seccomp | 13 | seccomp |
14 | netfilter | 14 | netfilter |
15 | net none | 15 | net none |
16 | no3d | ||
16 | shell none | 17 | shell none |
17 | tracelog | 18 | tracelog |
18 | 19 | ||
20 | blacklist /tmp/.X11-unix | ||
21 | |||
19 | private-bin highlight | 22 | private-bin highlight |
23 | # private-etc none | ||
20 | private-tmp | 24 | private-tmp |
21 | private-dev | 25 | private-dev |
22 | 26 | ||
diff --git a/etc/lynx.profile b/etc/lynx.profile index 6e150f62e..3e8d72103 100644 --- a/etc/lynx.profile +++ b/etc/lynx.profile | |||
@@ -9,12 +9,15 @@ nogroups | |||
9 | nonewprivs | 9 | nonewprivs |
10 | noroot | 10 | noroot |
11 | nosound | 11 | nosound |
12 | no3d | ||
12 | protocol unix,inet,inet6 | 13 | protocol unix,inet,inet6 |
13 | seccomp | 14 | seccomp |
14 | netfilter | 15 | netfilter |
15 | shell none | 16 | shell none |
16 | tracelog | 17 | tracelog |
17 | 18 | ||
19 | blacklist /tmp/.X11-unix | ||
20 | |||
18 | # private-bin lynx | 21 | # private-bin lynx |
19 | private-tmp | 22 | private-tmp |
20 | private-dev | 23 | private-dev |
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index c07a9a9e8..65d12c49e 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile | |||
@@ -9,6 +9,7 @@ nogroups | |||
9 | nonewprivs | 9 | nonewprivs |
10 | noroot | 10 | noroot |
11 | nosound | 11 | nosound |
12 | no3d | ||
12 | protocol unix | 13 | protocol unix |
13 | seccomp | 14 | seccomp |
14 | netfilter | 15 | netfilter |
@@ -16,6 +17,8 @@ net none | |||
16 | shell none | 17 | shell none |
17 | tracelog | 18 | tracelog |
18 | 19 | ||
20 | blacklist /tmp/.X11-unix | ||
21 | |||
19 | private-bin mediainfo | 22 | private-bin mediainfo |
20 | private-tmp | 23 | private-tmp |
21 | private-dev | 24 | private-dev |
diff --git a/etc/w3m.profile b/etc/w3m.profile index d765217cf..7ee91bb70 100644 --- a/etc/w3m.profile +++ b/etc/w3m.profile | |||
@@ -11,12 +11,15 @@ nogroups | |||
11 | nonewprivs | 11 | nonewprivs |
12 | noroot | 12 | noroot |
13 | nosound | 13 | nosound |
14 | no3d | ||
14 | protocol unix,inet,inet6 | 15 | protocol unix,inet,inet6 |
15 | seccomp | 16 | seccomp |
16 | netfilter | 17 | netfilter |
17 | shell none | 18 | shell none |
18 | tracelog | 19 | tracelog |
19 | 20 | ||
21 | blacklist /tmp/.X11-unix | ||
22 | |||
20 | # private-bin w3m | 23 | # private-bin w3m |
21 | private-tmp | 24 | private-tmp |
22 | private-dev | 25 | private-dev |