diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-09-05 17:49:32 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-09-05 17:53:12 +0200 |
commit | 880fd16254fd137d05d991ed980c132b5be4bd5f (patch) | |
tree | 1d2ad7cafc8363804f2e59e08723e321c3eaab0f | |
parent | explain removal of nodbus in qpdfview.profile (diff) | |
download | firejail-880fd16254fd137d05d991ed980c132b5be4bd5f.tar.gz firejail-880fd16254fd137d05d991ed980c132b5be4bd5f.tar.zst firejail-880fd16254fd137d05d991ed980c132b5be4bd5f.zip |
remove ~/.config/dconf from whitelist-common.inc
- dconf database is read-only (fde6e04b) and accessed over dbus,
there are no reasons to keep it in the sandbox
-rw-r--r-- | etc/qupzilla.profile | 2 | ||||
-rw-r--r-- | etc/seahorse.profile | 2 | ||||
-rw-r--r-- | etc/whitelist-common.inc | 4 |
3 files changed, 0 insertions, 8 deletions
diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile index 3f3270dd6..7aa71c848 100644 --- a/etc/qupzilla.profile +++ b/etc/qupzilla.profile | |||
@@ -21,7 +21,5 @@ mkdir ${HOME}/.config/qupzilla | |||
21 | whitelist ${HOME}/.cache/qupzilla | 21 | whitelist ${HOME}/.cache/qupzilla |
22 | whitelist ${HOME}/.config/qupzilla | 22 | whitelist ${HOME}/.config/qupzilla |
23 | 23 | ||
24 | # private-tmp - interferes with the opening of downloaded files | ||
25 | |||
26 | # Redirect | 24 | # Redirect |
27 | include falkon.profile | 25 | include falkon.profile |
diff --git a/etc/seahorse.profile b/etc/seahorse.profile index b9a0fd149..fe29a6731 100644 --- a/etc/seahorse.profile +++ b/etc/seahorse.profile | |||
@@ -20,10 +20,8 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.config/dconf | ||
24 | mkdir ${HOME}/.gnupg | 23 | mkdir ${HOME}/.gnupg |
25 | mkdir ${HOME}/.ssh | 24 | mkdir ${HOME}/.ssh |
26 | whitelist ${HOME}/.config/dconf | ||
27 | whitelist ${HOME}/.gnupg | 25 | whitelist ${HOME}/.gnupg |
28 | whitelist ${HOME}/.ssh | 26 | whitelist ${HOME}/.ssh |
29 | whitelist /tmp/ssh-* | 27 | whitelist /tmp/ssh-* |
diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc index 9c1b7b92c..717c82379 100644 --- a/etc/whitelist-common.inc +++ b/etc/whitelist-common.inc | |||
@@ -20,10 +20,6 @@ whitelist ${HOME}/.local/share/icons | |||
20 | whitelist ${HOME}/.local/share/mime | 20 | whitelist ${HOME}/.local/share/mime |
21 | whitelist ${HOME}/.mime.types | 21 | whitelist ${HOME}/.mime.types |
22 | 22 | ||
23 | # dconf | ||
24 | mkdir ${HOME}/.config/dconf | ||
25 | whitelist ${HOME}/.config/dconf | ||
26 | |||
27 | # fonts | 23 | # fonts |
28 | whitelist ${HOME}/.cache/fontconfig | 24 | whitelist ${HOME}/.cache/fontconfig |
29 | whitelist ${HOME}/.config/fontconfig | 25 | whitelist ${HOME}/.config/fontconfig |