diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-05-23 13:49:45 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-05-23 13:49:45 +0000 |
commit | 252fd305d7449a4915ccfd246596a0de425efe44 (patch) | |
tree | d39fb00f454f5d5fe6a30f6cf979e5cd8cc1391d | |
parent | Add note about syscall enumerating program (Fixes #2095) (diff) | |
download | firejail-252fd305d7449a4915ccfd246596a0de425efe44.tar.gz firejail-252fd305d7449a4915ccfd246596a0de425efe44.tar.zst firejail-252fd305d7449a4915ccfd246596a0de425efe44.zip |
Harden gnome-chess (#2719)
* Harden gnome-chess
* Update gnome-chess.profile
remove whitelisting
-rw-r--r-- | etc/gnome-chess.profile | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile index 2f4626891..04409a5e4 100644 --- a/etc/gnome-chess.profile +++ b/etc/gnome-chess.profile | |||
@@ -18,7 +18,10 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | include whitelist-var-common.inc | 19 | include whitelist-var-common.inc |
20 | 20 | ||
21 | apparmor | ||
21 | caps.drop all | 22 | caps.drop all |
23 | machine-id | ||
24 | net none | ||
22 | no3d | 25 | no3d |
23 | nodvd | 26 | nodvd |
24 | nogroups | 27 | nogroups |
@@ -35,6 +38,7 @@ tracelog | |||
35 | 38 | ||
36 | disable-mnt | 39 | disable-mnt |
37 | private-bin fairymax,gnome-chess,hoichess,gnuchess | 40 | private-bin fairymax,gnome-chess,hoichess,gnuchess |
41 | private-cache | ||
38 | private-dev | 42 | private-dev |
39 | private-etc alternatives,fonts,gnome-chess | 43 | private-etc alternatives,dconf,fonts,gnome-chess,gtk-3.0 |
40 | private-tmp | 44 | private-tmp |