restricting more, HOME and tmp in mpsyt.profile

author: pirate486743186 <okgomdjgbmoij@gmail.com> 2018-11-28 21:08:36 +0100
committer: pirate486743186 <okgomdjgbmoij@gmail.com> 2018-11-28 21:49:37 +0100
commit: 0293e40012bd8ec1efcd9982179ef25e68bb916c (patch)
tree: 52b731195107acdb5780a6e2922b5c4babe8e3e8
parent: Merge pull request #2276 from smitsohu/tmpfs (diff)
download: firejail-0293e40012bd8ec1efcd9982179ef25e68bb916c.tar.gz
firejail-0293e40012bd8ec1efcd9982179ef25e68bb916c.tar.zst
firejail-0293e40012bd8ec1efcd9982179ef25e68bb916c.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/etc/mpsyt.profile b/etc/mpsyt.profile
index c64b71ad6..eb51a45cc 100644
--- a/etc/mpsyt.profile
+++ b/etc/mpsyt.profile
@@ -13,6 +13,18 @@ noblacklist ${HOME}/.netrc
 noblacklist ${HOME}/mps
 noblacklist ${MUSIC}
 noblacklist ${VIDEOS}
+noblacklist ${DOWNLOADS}
+mkdir ${HOME}/.config/mps-youtube
+whitelist ${HOME}/.config/mpv
+whitelist ${HOME}/.mplayer
+whitelist ${HOME}/.config/mps-youtube
+whitelist ${HOME}/.netrc
+whitelist ${HOME}/mps
+whitelist ${MUSIC}
+whitelist ${VIDEOS}
+whitelist ${DOWNLOADS}
 # Allow python (blacklisted by disable-interpreters.inc)
 noblacklist ${PATH}/python2*
@@ -45,3 +57,7 @@ tracelog
 private-bin mpsyt,mplayer,mpv,youtube-dl,python*,env
 private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
author	pirate486743186 <okgomdjgbmoij@gmail.com>	2018-11-28 21:08:36 +0100
committer	pirate486743186 <okgomdjgbmoij@gmail.com>	2018-11-28 21:49:37 +0100
commit	0293e40012bd8ec1efcd9982179ef25e68bb916c (patch)
tree	52b731195107acdb5780a6e2922b5c4babe8e3e8
parent	Merge pull request #2276 from smitsohu/tmpfs (diff)
download	firejail-0293e40012bd8ec1efcd9982179ef25e68bb916c.tar.gz firejail-0293e40012bd8ec1efcd9982179ef25e68bb916c.tar.zst firejail-0293e40012bd8ec1efcd9982179ef25e68bb916c.zip

diff --git a/etc/mpsyt.profile b/etc/mpsyt.profile index c64b71ad6..eb51a45cc 100644 --- a/etc/mpsyt.profile +++ b/etc/mpsyt.profile
@@ -13,6 +13,18 @@ noblacklist ${HOME}/.netrc
13	noblacklist ${HOME}/mps	13	noblacklist ${HOME}/mps
14	noblacklist ${MUSIC}	14	noblacklist ${MUSIC}
15	noblacklist ${VIDEOS}	15	noblacklist ${VIDEOS}
		16	noblacklist ${DOWNLOADS}
		17
		18	mkdir ${HOME}/.config/mps-youtube
		19
		20	whitelist ${HOME}/.config/mpv
		21	whitelist ${HOME}/.mplayer
		22	whitelist ${HOME}/.config/mps-youtube
		23	whitelist ${HOME}/.netrc
		24	whitelist ${HOME}/mps
		25	whitelist ${MUSIC}
		26	whitelist ${VIDEOS}
		27	whitelist ${DOWNLOADS}
16		28
17	# Allow python (blacklisted by disable-interpreters.inc)	29	# Allow python (blacklisted by disable-interpreters.inc)
18	noblacklist ${PATH}/python2*	30	noblacklist ${PATH}/python2*
@@ -45,3 +57,7 @@ tracelog
45		57
46	private-bin mpsyt,mplayer,mpv,youtube-dl,python*,env	58	private-bin mpsyt,mplayer,mpv,youtube-dl,python*,env
47	private-dev	59	private-dev
		60	private-tmp
		61
		62	noexec ${HOME}
		63	noexec /tmp