diff options
author | netblue30 <netblue30@yahoo.com> | 2015-11-16 08:34:52 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-11-16 08:34:52 -0500 |
commit | c0c4b8cad407d19d3f5610638eff557b74894b46 (patch) | |
tree | cde190b74e68279f52ce90efaa8702d64f50f561 | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
download | firejail-c0c4b8cad407d19d3f5610638eff557b74894b46.tar.gz firejail-c0c4b8cad407d19d3f5610638eff557b74894b46.tar.zst firejail-c0c4b8cad407d19d3f5610638eff557b74894b46.zip |
firefox profile fixes
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | README.md | 9 | ||||
-rw-r--r-- | etc/firefox.profile | 5 | ||||
-rw-r--r-- | etc/whitelist-common.inc | 6 |
4 files changed, 15 insertions, 7 deletions
@@ -18,6 +18,8 @@ License: GPL v2 | |||
18 | Firejail Authors: | 18 | Firejail Authors: |
19 | 19 | ||
20 | netblue30 (netblue30@yahoo.com) | 20 | netblue30 (netblue30@yahoo.com) |
21 | Matt Parnell (https://github.com/ilikenwf) | ||
22 | - whitelisting for core firefox related functionality | ||
21 | Andrey Alekseenko (https://github.com/al42and) | 23 | Andrey Alekseenko (https://github.com/al42and) |
22 | - fixed Skype profile | 24 | - fixed Skype profile |
23 | Ondra Nekola (https://github.com/satai) | 25 | Ondra Nekola (https://github.com/satai) |
@@ -55,14 +55,21 @@ include /etc/firejail/whitelist-common.inc | |||
55 | ````` | 55 | ````` |
56 | /etc/firejail/whitelist-common.inc | 56 | /etc/firejail/whitelist-common.inc |
57 | ````` | 57 | ````` |
58 | whitelist ~/.config/mimeapps.list (new in 0.9.35) | ||
59 | whitelist ~/.icons (new in 0.9.35) | ||
60 | |||
61 | # fonts | ||
58 | whitelist ~/.fonts (0.9.34) | 62 | whitelist ~/.fonts (0.9.34) |
59 | whitelist ~/.fonts.d (0.9.34) | 63 | whitelist ~/.fonts.d (0.9.34) |
60 | whitelist ~/.fontconfig (0.9.34) | 64 | whitelist ~/.fontconfig (0.9.34) |
61 | whitelist ~/.fonts.conf (0.9.34) | 65 | whitelist ~/.fonts.conf (0.9.34) |
62 | whitelist ~/.fonts.conf.d (0.9.34) | 66 | whitelist ~/.fonts.conf.d (0.9.34) |
67 | |||
68 | # gtk | ||
69 | whitelist ~/.gtkrc (new in 0.9.35) | ||
63 | whitelist ~/.gtkrc-2.0 (0.9.34) | 70 | whitelist ~/.gtkrc-2.0 (0.9.34) |
64 | whitelist ~/.config/gtk-3.0 (new in 0.9.35) | 71 | whitelist ~/.config/gtk-3.0 (new in 0.9.35) |
65 | whitelist ~/.themes/ (new in 0.9.35) | 72 | whitelist ~/.themes (new in 0.9.35) |
66 | ````` | 73 | ````` |
67 | If you are using a plugin or extension that requires other directories, please open a new issue: https://github.com/netblue30/firejail/issues | 74 | If you are using a plugin or extension that requires other directories, please open a new issue: https://github.com/netblue30/firejail/issues |
68 | 75 | ||
diff --git a/etc/firefox.profile b/etc/firefox.profile index ffcf6ac59..7b3febbae 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -1,6 +1,5 @@ | |||
1 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) | 1 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) |
2 | noblacklist ${HOME}/.mozilla | 2 | noblacklist ${HOME}/.mozilla |
3 | noblacklist /usr/lib/firefox | ||
4 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
6 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
@@ -10,11 +9,7 @@ seccomp | |||
10 | protocol unix,inet,inet6,netlink | 9 | protocol unix,inet,inet6,netlink |
11 | netfilter | 10 | netfilter |
12 | noroot | 11 | noroot |
13 | whitelist ~/.config/mimeapps.list | ||
14 | whitelist ~/.gtkrc | ||
15 | whitelist ~/.icons | ||
16 | whitelist ~/.mozilla | 12 | whitelist ~/.mozilla |
17 | whitelist ~/.themes | ||
18 | whitelist ~/Downloads | 13 | whitelist ~/Downloads |
19 | whitelist ~/Загрузки | 14 | whitelist ~/Загрузки |
20 | whitelist ~/.cache/mozilla/firefox | 15 | whitelist ~/.cache/mozilla/firefox |
diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc index e0c2975df..f4941a207 100644 --- a/etc/whitelist-common.inc +++ b/etc/whitelist-common.inc | |||
@@ -1,5 +1,8 @@ | |||
1 | # common whitelist for all profiles | 1 | # common whitelist for all profiles |
2 | 2 | ||
3 | whitelist ~/.config/mimeapps.list | ||
4 | whitelist ~/.icons | ||
5 | |||
3 | # fonts | 6 | # fonts |
4 | whitelist ~/.fonts | 7 | whitelist ~/.fonts |
5 | whitelist ~/.fonts.d | 8 | whitelist ~/.fonts.d |
@@ -8,6 +11,7 @@ whitelist ~/.fonts.conf | |||
8 | whitelist ~/.fonts.conf.d | 11 | whitelist ~/.fonts.conf.d |
9 | 12 | ||
10 | # gtk | 13 | # gtk |
14 | whitelist ~/.gtkrc | ||
11 | whitelist ~/.gtkrc-2.0 | 15 | whitelist ~/.gtkrc-2.0 |
12 | whitelist ~/.config/gtk-3.0 | 16 | whitelist ~/.config/gtk-3.0 |
13 | whitelist ~/.themes/ | 17 | whitelist ~/.themes |