diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-25 00:35:38 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-25 00:35:38 +0000 |
commit | c63b54b60a8c88d8b198f1c424156aa69a701d45 (patch) | |
tree | 637c1195a7038d57977e096f5c9e8a8bd070e72e | |
parent | Harden file-roller.profile (#2468) (diff) | |
download | firejail-c63b54b60a8c88d8b198f1c424156aa69a701d45.tar.gz firejail-c63b54b60a8c88d8b198f1c424156aa69a701d45.tar.zst firejail-c63b54b60a8c88d8b198f1c424156aa69a701d45.zip |
Harden eog.profile (#2469)
-rw-r--r-- | etc/eog.profile | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/etc/eog.profile b/etc/eog.profile index d448b7c6c..333eb448a 100644 --- a/etc/eog.profile +++ b/etc/eog.profile | |||
@@ -17,11 +17,11 @@ include disable-interpreters.inc | |||
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | 19 | ||
20 | include whitelist-var-common.inc | 20 | apparmor |
21 | |||
22 | # apparmor - makes settings immutable | ||
23 | caps.drop all | 21 | caps.drop all |
24 | # net none - makes settings immutable | 22 | ipc-namespace |
23 | machine-id | ||
24 | net none | ||
25 | no3d | 25 | no3d |
26 | # nodbus - makes settings immutable | 26 | # nodbus - makes settings immutable |
27 | nodvd | 27 | nodvd |
@@ -40,9 +40,9 @@ private-bin eog | |||
40 | private-cache | 40 | private-cache |
41 | private-dev | 41 | private-dev |
42 | private-etc alternatives,fonts | 42 | private-etc alternatives,fonts |
43 | private-lib gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.* | 43 | private-lib eog,gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.* |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
46 | #memory-deny-write-execute - breaks on Arch | 46 | memory-deny-write-execute |
47 | noexec ${HOME} | 47 | noexec ${HOME} |
48 | noexec /tmp | 48 | noexec /tmp |