diff options
| author |  glitsj16 <glitsj16@users.noreply.github.com> | 2019-12-21 22:46:10 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2019-12-21 22:46:10 +0000 |
| commit | d02cf11b707fba86acca87b20552c627ce600adf (patch) | |
| tree | 5d60411990895497cfc2c29ae93e4faaac023665 | |
| parent | Support Brave's native sandboxing (diff) | |
| download | firejail-d02cf11b707fba86acca87b20552c627ce600adf.tar.gz firejail-d02cf11b707fba86acca87b20552c627ce600adf.tar.zst firejail-d02cf11b707fba86acca87b20552c627ce600adf.zip | |
Update brave.profile to support native sandboxing
| -rw-r--r-- | etc/brave.profile | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/etc/brave.profile b/etc/brave.profile index 7cd925a4c..35c59f5a3 100644 --- a/etc/brave.profile +++ b/etc/brave.profile | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | # Firejail profile for brave | 1 | # Firejail profile for brave |
| 2 | # This file is overwritten after every install/update | ||
| 3 | # Description: Web browser that blocks ads and trackers by default. | 2 | # Description: Web browser that blocks ads and trackers by default. |
| 3 | # This file is overwritten after every install/update | ||
| 4 | # Persistent local customizations | 4 | # Persistent local customizations |
| 5 | include brave.local | 5 | include brave.local |
| 6 | # Persistent global definitions | 6 | # Persistent global definitions |
| @@ -9,15 +9,20 @@ include globals.local | |||
| 9 | # noexec /tmp is included in chromium-common.profile and breaks Brave | 9 | # noexec /tmp is included in chromium-common.profile and breaks Brave |
| 10 | ignore noexec /tmp | 10 | ignore noexec /tmp |
| 11 | 11 | ||
| 12 | noblacklist ${HOME}/.config/brave | 12 | noblacklist ${HOME}/.cache/BraveSoftware |
| 13 | noblacklist ${HOME}/.config/BraveSoftware | 13 | noblacklist ${HOME}/.config/BraveSoftware |
| 14 | noblacklist ${HOME}/.config/brave | ||
| 15 | noblacklist ${HOME}/.config/brave-flags.conf | ||
| 14 | # brave uses gpg for built-in password manager | 16 | # brave uses gpg for built-in password manager |
| 15 | noblacklist ${HOME}/.gnupg | 17 | noblacklist ${HOME}/.gnupg |
| 16 | 18 | ||
| 17 | mkdir ${HOME}/.config/brave | 19 | mkdir ${HOME}/.cache/BraveSoftware |
| 18 | mkdir ${HOME}/.config/BraveSoftware | 20 | mkdir ${HOME}/.config/BraveSoftware |
| 19 | whitelist ${HOME}/.config/brave | 21 | mkdir ${HOME}/.config/brave |
| 22 | whitelist ${HOME}/.cache/BraveSoftware | ||
| 20 | whitelist ${HOME}/.config/BraveSoftware | 23 | whitelist ${HOME}/.config/BraveSoftware |
| 24 | whitelist ${HOME}/.config/brave | ||
| 25 | whitelist ${HOME}/.config/brave-flags.conf | ||
| 21 | whitelist ${HOME}/.gnupg | 26 | whitelist ${HOME}/.gnupg |
| 22 | 27 | ||
| 23 | # Brave sandbox needs read access to /proc/config.gz | 28 | # Brave sandbox needs read access to /proc/config.gz |