profiles

3 files changed, 10 insertions, 1 deletions

diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index e77f2d369..071d217bb 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -42,6 +42,7 @@ blacklist ${HOME}/.VeraCrypt
 # var
 blacklist /var/spool/cron
 blacklist /var/spool/anacron
+blacklist /var/mail
 blacklist /var/run/acpid.socket
 blacklist /var/run/minissdpd.sock
 blacklist /var/run/rpcbind.sock
@@ -52,7 +53,7 @@ blacklist /var/lib/mysql/mysql.sock
 blacklist /var/run/docker.sock
 
 # etc
-blacklist /etc/cron.*
+blacklist /etc/cron*
 blacklist /etc/profile.d
 blacklist /etc/rc.local
 blacklist /etc/anacrontab
@@ -147,6 +148,8 @@ blacklist /usr/local/sbin
 blacklist ${PATH}/umount
 blacklist ${PATH}/mount
 blacklist ${PATH}/fusermount
+blacklist ${PATH}/ntfs-3g
+blacklist ${PATH}/at
 blacklist ${PATH}/su
 blacklist ${PATH}/sudo
 blacklist ${PATH}/xinput
@@ -171,6 +174,10 @@ blacklist ${PATH}/chfn
 blacklist ${PATH}/chage
 blacklist ${PATH}/expiry
 blacklist ${PATH}/unix_chkpwd
+blacklist ${PATH}/procmail
+
+# other SUID binaries
+blacklist /usr/lib/virtualbox
 
 # prevent lxterminal connecting to an existing lxterminal session
 blacklist /tmp/.lxterminal-socket*
diff --git a/etc/virtualbox.profile b/etc/virtualbox.profile
index 148b7efc8..49f8f8b24 100644
--- a/etc/virtualbox.profile
+++ b/etc/virtualbox.profile
@@ -3,6 +3,7 @@
 noblacklist ${HOME}/.VirtualBox
 noblacklist ${HOME}/VirtualBox VMs
 noblacklist ${HOME}/.config/VirtualBox
+noblacklist /usr/bin/virtualbox
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-passwdmgr.inc
diff --git a/platform/debian/conffiles b/platform/debian/conffiles
index ae8db5a67..ff3909c17 100644
--- a/platform/debian/conffiles
+++ b/platform/debian/conffiles
@@ -170,5 +170,6 @@
 /etc/firejail/xiphos.profile
 /etc/firejail/display.profile
 /etc/firejail/Wire.profile
+/etc/firejail/wire.profile
 /etc/firejail/mumble.profile
 /etc/firejail/zoom.profile