diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-07-09 05:29:23 +1000 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-07-09 05:29:23 +1000 |
commit | 741bd754b70c5020b2c21681879ead4d1910e4ff (patch) | |
tree | c5caa9382a6a0de38a65fa7392e941dcc5e2a3aa | |
parent | If you give a mouse a cookie... (diff) | |
download | firejail-741bd754b70c5020b2c21681879ead4d1910e4ff.tar.gz firejail-741bd754b70c5020b2c21681879ead4d1910e4ff.tar.zst firejail-741bd754b70c5020b2c21681879ead4d1910e4ff.zip |
...he'll probably want to hack Firejail profiles.
-rw-r--r-- | etc/gthumb.profile | 9 | ||||
-rw-r--r-- | etc/pix.profile | 9 |
2 files changed, 10 insertions, 8 deletions
diff --git a/etc/gthumb.profile b/etc/gthumb.profile index c673a1297..3c02576aa 100644 --- a/etc/gthumb.profile +++ b/etc/gthumb.profile | |||
@@ -7,14 +7,15 @@ include /etc/firejail/disable-devel.inc | |||
7 | include /etc/firejail/disable-passwdmgr.inc | 7 | include /etc/firejail/disable-passwdmgr.inc |
8 | 8 | ||
9 | caps.drop all | 9 | caps.drop all |
10 | netfilter | ||
11 | nonewprivs | 10 | nonewprivs |
11 | nogroups | ||
12 | noroot | 12 | noroot |
13 | protocol unix,inet,inet6 | 13 | nosound |
14 | protocol unix | ||
14 | seccomp | 15 | seccomp |
15 | |||
16 | shell none | 16 | shell none |
17 | tracelog | ||
18 | |||
17 | private-bin gthumb | 19 | private-bin gthumb |
18 | whitelist /tmp/.X11-unix | 20 | whitelist /tmp/.X11-unix |
19 | private-dev | 21 | private-dev |
20 | nosound | ||
diff --git a/etc/pix.profile b/etc/pix.profile index 81ab7486f..80c05fd09 100644 --- a/etc/pix.profile +++ b/etc/pix.profile | |||
@@ -8,15 +8,16 @@ include /etc/firejail/disable-devel.inc | |||
8 | include /etc/firejail/disable-passwdmgr.inc | 8 | include /etc/firejail/disable-passwdmgr.inc |
9 | 9 | ||
10 | caps.drop all | 10 | caps.drop all |
11 | netfilter | ||
12 | nonewprivs | 11 | nonewprivs |
12 | nogroups | ||
13 | noroot | 13 | noroot |
14 | protocol unix,inet,inet6 | 14 | nosound |
15 | protocol unix | ||
15 | seccomp | 16 | seccomp |
16 | |||
17 | shell none | 17 | shell none |
18 | tracelog | ||
19 | |||
18 | private-bin pix | 20 | private-bin pix |
19 | whitelist /tmp/.X11-unix | 21 | whitelist /tmp/.X11-unix |
20 | private-dev | 22 | private-dev |
21 | nosound | ||
22 | 23 | ||