diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-08-01 20:19:56 -0400 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2017-08-01 20:19:56 -0400 |
| commit | b7f3901404d081823c485c75a8e2361f9c900aed (patch) | |
| tree | a3d36e75974789d49ae89f82bb856ab5f7f4d1f1 | |
| parent | compile cleanup (diff) | |
| parent | Add some /proc dirs to firejail apparmor profile (diff) | |
| download | firejail-b7f3901404d081823c485c75a8e2361f9c900aed.tar.gz firejail-b7f3901404d081823c485c75a8e2361f9c900aed.tar.zst firejail-b7f3901404d081823c485c75a8e2361f9c900aed.zip | |
Merge pull request #1423 from VladimirSchowalter20/VladimirSchowalter20-apparmor
Add some /proc dirs to firejail apparmor profile
| -rw-r--r-- | etc/firejail-default | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/firejail-default b/etc/firejail-default index 7fd1b1ad7..092fcbbcc 100644 --- a/etc/firejail-default +++ b/etc/firejail-default | |||
| @@ -71,6 +71,10 @@ profile firejail-default flags=(attach_disconnected,mediate_deleted) { | |||
| 71 | /proc/@{PID}/mounts r, | 71 | /proc/@{PID}/mounts r, |
| 72 | /proc/@{PID}/mountinfo r, | 72 | /proc/@{PID}/mountinfo r, |
| 73 | /proc/@{PID}/oom_score_adj r, | 73 | /proc/@{PID}/oom_score_adj r, |
| 74 | /proc/@{PID}/auxv r, | ||
| 75 | /proc/@{PID}/net/dev r, | ||
| 76 | /proc/@{PID}/loginuid r, | ||
| 77 | /proc/@{PID}/environ r, | ||
| 74 | 78 | ||
| 75 | ########## | 79 | ########## |
| 76 | # Allow running programs only from well-known system directories. If you need | 80 | # Allow running programs only from well-known system directories. If you need |