diff options
author | netblue30 <netblue30@yahoo.com> | 2015-10-25 10:45:25 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-10-25 10:45:25 -0400 |
commit | 5a52191865c5f0cdbc610b0ad656b919f0dc1605 (patch) | |
tree | 0f821744e282d9c4409242b43c9ea6db8857f4ed /README.md | |
parent | fix struct stat64 problem for musl libc (diff) | |
download | firejail-5a52191865c5f0cdbc610b0ad656b919f0dc1605.tar.gz firejail-5a52191865c5f0cdbc610b0ad656b919f0dc1605.tar.zst firejail-5a52191865c5f0cdbc610b0ad656b919f0dc1605.zip |
default Firefox whitelisting
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 39 |
1 files changed, 16 insertions, 23 deletions
@@ -34,34 +34,27 @@ FAQ: https://l3net.wordpress.com/projects/firejail/firejail-faq/ | |||
34 | 34 | ||
35 | 35 | ||
36 | 36 | ||
37 | ## Known Problems | 37 | ## New features in the development version |
38 | 38 | ||
39 | ### PulseAudio 7.0 | 39 | ### Enable whitelists in Firefox default profile |
40 | 40 | ||
41 | The srbchannel IPC mechanism, introduced in PulseAudio 6.0, was enabled by default in release 7.0. | 41 | The next release will bring in default whitelisting for Firefox files and folders under /home/user. |
42 | Arch Linux users are reporting sound problems when running applications in Firejail sandbox. | 42 | If you start the sandbox without any other options, this is what you'll get: |
43 | A preliminary fix was introduced on master branch. The fix is available in release 0.9.32, and disables PulseAudio shared memory functionality | ||
44 | inside the sandbox. If you are seeing any problems, | ||
45 | please let us know here: https://github.com/netblue30/firejail/issues/69 | ||
46 | 43 | ||
47 | If you are unable to update Firejail, or if you want to continue using the latest released version, these are some workarounds: | 44 | ![Whitelisted home directory](firefox-whitelist.png?raw=true) |
48 | 45 | ||
49 | * Running ALSA | 46 | The code is located in etc/firefox.inc file: |
50 | 47 | ||
51 | By default, if Firefox fails to connect to PulseAudio, it will connect directly to ALSA. | ||
52 | Also by default, ALSA comes with the sound volume down. You would need to install *alsamixer* | ||
53 | (*alsa-utils* package) or *gnome-alsamixer*, run it, and crank up the volume (both Master and PCM). | ||
54 | |||
55 | * Disable shm functionality in PulseAudio | ||
56 | ````` | 48 | ````` |
57 | $ mkdir -p ~/.config/pulse | 49 | whitelist ~/.mozilla |
58 | $ cd ~/.config/pulse | 50 | whitelist ~/Downloads |
59 | $ cp /etc/pulse/client.conf . | 51 | whitelist ~/dwhelper |
60 | $ echo "enable-shm = no" >> client.conf | 52 | whitelist ~/.zotero |
53 | whitelist ~/.lastpass | ||
61 | ````` | 54 | ````` |
62 | * Disable srbchannel IPC mechanism in version 7.0 | ||
63 | |||
64 | Edit /etc/pulse/default.pa – change the line "load-module module-native-protocol-unix" | ||
65 | to "load-module module-native-protocol-unix srbchannel=no" and restart PulseAudio daemon. | ||
66 | |||
67 | 55 | ||
56 | I intend to bring in all files and directories used by Firefox addons and plugins. So far I have | ||
57 | [Video DownloadHelper](https://addons.mozilla.org/en-US/firefox/addon/video-downloadhelper/), | ||
58 | [Zotero](https://www.zotero.org/download/) and | ||
59 | [LastPass](https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/). | ||
60 | If you're using a anything else, please let me know. | ||