Blacklist /*firefox* except for firefox itself

2 files changed, 3 insertions, 1 deletions

diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 5fe2f8c28..c87948b27 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -1096,3 +1096,4 @@ deny  ${HOME}/.cache/yandex-browser
 deny  ${HOME}/.cache/yandex-browser-beta
 deny  ${HOME}/.cache/youtube-dl
 deny  ${HOME}/.cache/youtube-viewer
+deny  ${RUNUSER}/*firefox*
diff --git a/etc/profile-a-l/firefox-common.profile b/etc/profile-a-l/firefox-common.profile
index 6110bc2e9..557e3559b 100644
--- a/etc/profile-a-l/firefox-common.profile
+++ b/etc/profile-a-l/firefox-common.profile
@@ -14,6 +14,7 @@ include firefox-common.local
 
 nodeny  ${HOME}/.pki
 nodeny  ${HOME}/.local/share/pki
+nodeny  ${RUNUSER}/*firefox* # location of profiles if profile-sync-daemon is used
 
 include disable-common.inc
 include disable-devel.inc
@@ -26,7 +27,7 @@ mkdir ${HOME}/.local/share/pki
 allow  ${DOWNLOADS}
 allow  ${HOME}/.pki
 allow  ${HOME}/.local/share/pki
-whitelist ${RUNUSER}/*firefox*
+allow ${RUNUSER}/*firefox*
 include whitelist-common.inc
 include whitelist-runuser-common.inc
 include whitelist-var-common.inc