diff options
author | smitsohu <smitsohu@gmail.com> | 2017-08-08 21:31:50 +0200 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-08 14:31:50 -0500 |
commit | 40a51e179d90f54a20c539567adeed1ea0b94d78 (patch) | |
tree | 48f41f500a4a4cbdd1744365919dd0c2dc99931a /etc/ark.profile | |
parent | Merges (diff) | |
download | firejail-40a51e179d90f54a20c539567adeed1ea0b94d78.tar.gz firejail-40a51e179d90f54a20c539567adeed1ea0b94d78.tar.zst firejail-40a51e179d90f54a20c539567adeed1ea0b94d78.zip |
various little profile fixes and enhancements (#1442)
* add novideo
* add novideo
* add novideo
* put noexec last
* blacklist Clementine configuration and database
* blacklist Clementine configuration and database
* add novideo
* add novideo, permit access to ~/.java
* add novideo
* spoof machine-id
* mimeapps.list is already in whitelist-common.inc
* ~/.local/share/applications is already read-only
see disable-common.inc
* mimeapps.list is already in whitelist-common.inc
* ~/.local/share/applications is already read-only
see disable-common.inc
* drop machine-id option
private-etc hides it anyway
Diffstat (limited to 'etc/ark.profile')
-rw-r--r-- | etc/ark.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/ark.profile b/etc/ark.profile index 7c8574973..4884b4a0f 100644 --- a/etc/ark.profile +++ b/etc/ark.profile | |||
@@ -18,6 +18,7 @@ nogroups | |||
18 | nonewprivs | 18 | nonewprivs |
19 | noroot | 19 | noroot |
20 | nosound | 20 | nosound |
21 | novideo | ||
21 | protocol unix | 22 | protocol unix |
22 | seccomp | 23 | seccomp |
23 | shell none | 24 | shell none |