diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-01-03 11:49:22 +0100 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-01-03 11:49:22 +0100 |
commit | a94da5e9be89895c98d0e10d77c0d34013806e65 (patch) | |
tree | ec2f30658fcb600fee566f772c167472227db123 | |
parent | Update README (diff) | |
download | firejail-a94da5e9be89895c98d0e10d77c0d34013806e65.tar.gz firejail-a94da5e9be89895c98d0e10d77c0d34013806e65.tar.zst firejail-a94da5e9be89895c98d0e10d77c0d34013806e65.zip |
fixup! Extra hardening for wget
-rw-r--r-- | etc/wget.profile | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/etc/wget.profile b/etc/wget.profile index 5b1ba6202..549ee7945 100644 --- a/etc/wget.profile +++ b/etc/wget.profile | |||
@@ -20,7 +20,7 @@ include disable-interpreters.inc | |||
20 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | # depending on workflow you can uncomment the below or put 'include disable-xdg.inc' in your wget.local | 22 | # depending on workflow you can uncomment the below or put 'include disable-xdg.inc' in your wget.local |
23 | include disable-xdg.inc | 23 | #include disable-xdg.inc |
24 | 24 | ||
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
@@ -47,10 +47,8 @@ tracelog | |||
47 | private-bin wget | 47 | private-bin wget |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | |||
51 | |||
52 | # depending on workflow you can uncomment the below or put this private-etc in your wget.local | 50 | # depending on workflow you can uncomment the below or put this private-etc in your wget.local |
53 | #private-etc alternatives,ca-certificates,crypto-policie,pki,resolv.conf,ssl,wgetrc | 51 | #private-etc alternatives,ca-certificates,crypto-policie,pki,resolv.conf,ssl,wgetrc |
54 | # private-tmp | 52 | #private-tmp |
55 | 53 | ||
56 | memory-deny-write-execute | 54 | memory-deny-write-execute |