diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-24 22:16:09 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-24 22:16:09 +0000 |
commit | 5229ddc5bce5b4dba8259f4057ca228112defd8e (patch) | |
tree | ee1cba17ecb88870e91471810c7f1a6b25962c82 | |
parent | Harden less.profile (#2466) (diff) | |
download | firejail-5229ddc5bce5b4dba8259f4057ca228112defd8e.tar.gz firejail-5229ddc5bce5b4dba8259f4057ca228112defd8e.tar.zst firejail-5229ddc5bce5b4dba8259f4057ca228112defd8e.zip |
Harden mediainfo.profile (#2467)
-rw-r--r-- | etc/mediainfo.profile | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index 32a269fd3..6bb393376 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile | |||
@@ -14,7 +14,10 @@ include disable-interpreters.inc | |||
14 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | apparmor | ||
17 | caps.drop all | 18 | caps.drop all |
19 | ipc-namespace | ||
20 | machine-id | ||
18 | net none | 21 | net none |
19 | no3d | 22 | no3d |
20 | nodbus | 23 | nodbus |
@@ -36,3 +39,7 @@ private-cache | |||
36 | private-dev | 39 | private-dev |
37 | private-etc alternatives | 40 | private-etc alternatives |
38 | private-tmp | 41 | private-tmp |
42 | |||
43 | memory-deny-write-execute | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||