diff options
author | kortewegdevries <kortewegdevries@protonmail.ch> | 2020-08-28 12:03:10 +0000 |
---|---|---|
committer | kortewegdevries <kortewegdevries@protonmail.ch> | 2020-08-28 12:03:10 +0000 |
commit | 0c63e854255b0bde014abc17576ac681c5230e4c (patch) | |
tree | 31747f0ecce18869437100410fba32a39b279123 | |
parent | Switch Evolution to whitelisting (diff) | |
download | firejail-0c63e854255b0bde014abc17576ac681c5230e4c.tar.gz firejail-0c63e854255b0bde014abc17576ac681c5230e4c.tar.zst firejail-0c63e854255b0bde014abc17576ac681c5230e4c.zip |
GPG default, fixes...
-rw-r--r-- | etc/profile-a-l/evolution.profile | 27 |
1 files changed, 10 insertions, 17 deletions
diff --git a/etc/profile-a-l/evolution.profile b/etc/profile-a-l/evolution.profile index 17476aaec..2967218c7 100644 --- a/etc/profile-a-l/evolution.profile +++ b/etc/profile-a-l/evolution.profile | |||
@@ -7,8 +7,7 @@ include evolution.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.bogofilter | 9 | noblacklist ${HOME}/.bogofilter |
10 | # Uncomment for gpg | 10 | noblacklist ${HOME}/.gnupg |
11 | # noblacklist ${HOME}/.gnupg | ||
12 | noblacklist ${HOME}/.pki | 11 | noblacklist ${HOME}/.pki |
13 | noblacklist ${HOME}/.cache/evolution | 12 | noblacklist ${HOME}/.cache/evolution |
14 | noblacklist ${HOME}/.config/evolution | 13 | noblacklist ${HOME}/.config/evolution |
@@ -27,28 +26,24 @@ include disable-shell.inc | |||
27 | include disable-xdg.inc | 26 | include disable-xdg.inc |
28 | 27 | ||
29 | mkdir ${HOME}/.bogofilter | 28 | mkdir ${HOME}/.bogofilter |
30 | # Uncomment for gpg | 29 | mkdir ${HOME}/.gnupg |
31 | # mkdir ${HOME}/.gnupg | ||
32 | mkdir ${HOME}/.pki | 30 | mkdir ${HOME}/.pki |
33 | mkdir ${HOME}/.cache/evolution | 31 | mkdir ${HOME}/.cache/evolution |
34 | mkdir ${HOME}/.config/evolution | 32 | mkdir ${HOME}/.config/evolution |
35 | mkdir ${HOME}/.local/share/evolution | 33 | mkdir ${HOME}/.local/share/evolution |
36 | mkdir ${HOME}/.local/share/pki | 34 | mkdir ${HOME}/.local/share/pki |
37 | whitelist ${HOME}/.bogofilter | 35 | whitelist ${HOME}/.bogofilter |
38 | # Uncomment for gpg | 36 | whitelist ${HOME}/.gnupg |
39 | # whitelist ${HOME}/.gnupg | ||
40 | whitelist ${HOME}/.pki | 37 | whitelist ${HOME}/.pki |
41 | whitelist ${HOME}/.cache/evolution | 38 | whitelist ${HOME}/.cache/evolution |
42 | whitelist ${HOME}/.config/evolution | 39 | whitelist ${HOME}/.config/evolution |
43 | whitelist ${HOME}/.local/share/evolution | 40 | whitelist ${HOME}/.local/share/evolution |
44 | whitelist ${HOME}/.local/share/pki | 41 | whitelist ${HOME}/.local/share/pki |
45 | whitelist ${DOWNLOADS} | 42 | whitelist ${DOWNLOADS} |
46 | # Uncomment for gpg | 43 | whitelist ${RUNUSER}/gnupg |
47 | # whitelist ${RUNUSER}/gnupg | ||
48 | whitelist /usr/share/evolution | 44 | whitelist /usr/share/evolution |
49 | # Uncomment for gpg | 45 | whitelist /usr/share/gnupg |
50 | # whitelist /usr/share/gnupg | 46 | whitelist /usr/share/gnupg2 |
51 | # whitelist /usr/share/gnupg2 | ||
52 | whitelist /var/mail | 47 | whitelist /var/mail |
53 | whitelist /var/spool/mail | 48 | whitelist /var/spool/mail |
54 | include whitelist-common.inc | 49 | include whitelist-common.inc |
@@ -74,9 +69,8 @@ seccomp | |||
74 | shell none | 69 | shell none |
75 | tracelog | 70 | tracelog |
76 | 71 | ||
77 | disable-mnt | 72 | # disable-mnt |
78 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg | 73 | # private-bin evolution |
79 | private-bin evolution | ||
80 | private-cache | 74 | private-cache |
81 | private-dev | 75 | private-dev |
82 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gtk-2.0,gtk-3.0,groups,hostname,hosts,mailname,passwd,pki,resolv.conf,selinux,ssl,xdg | 76 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gtk-2.0,gtk-3.0,groups,hostname,hosts,mailname,passwd,pki,resolv.conf,selinux,ssl,xdg |
@@ -89,8 +83,7 @@ dbus-user.own org.gnome.Evolution | |||
89 | dbus-user.talk ca.desrt.dconf | 83 | dbus-user.talk ca.desrt.dconf |
90 | # Uncomment to have keyring access | 84 | # Uncomment to have keyring access |
91 | # dbus-user.talk org.freedesktop.secrets | 85 | # dbus-user.talk org.freedesktop.secrets |
86 | dbus-user.talk org.gnome.keyring.SystemPrompter | ||
87 | dbus-user.talk org.gnome.OnlineAccounts | ||
92 | dbus-user.talk org.freedesktop.Notifications | 88 | dbus-user.talk org.freedesktop.Notifications |
93 | dbus-system none | 89 | dbus-system none |
94 | |||
95 | # Comment to use gpg | ||
96 | read-only ${HOME}/.gnupg | ||