diff options
author | Tad <tad@spotco.us> | 2017-04-16 07:14:01 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-04-16 08:12:31 -0400 |
commit | b5f29f9c216615c39e6fe00508ea18a52a2fe88a (patch) | |
tree | c43aea948b2d8e82ea1b157e61bbfcbf92c801fc /etc/bleachbit.profile | |
parent | doc update (diff) | |
download | firejail-b5f29f9c216615c39e6fe00508ea18a52a2fe88a.tar.gz firejail-b5f29f9c216615c39e6fe00508ea18a52a2fe88a.tar.zst firejail-b5f29f9c216615c39e6fe00508ea18a52a2fe88a.zip |
Harden 9 more profiles
Diffstat (limited to 'etc/bleachbit.profile')
-rw-r--r-- | etc/bleachbit.profile | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/etc/bleachbit.profile b/etc/bleachbit.profile index b406b9985..7ea55f505 100644 --- a/etc/bleachbit.profile +++ b/etc/bleachbit.profile | |||
@@ -9,17 +9,21 @@ include /etc/firejail/disable-devel.inc | |||
9 | include /etc/firejail/disable-passwdmgr.inc | 9 | include /etc/firejail/disable-passwdmgr.inc |
10 | 10 | ||
11 | caps.drop all | 11 | caps.drop all |
12 | net none | ||
12 | netfilter | 13 | netfilter |
14 | no3d | ||
13 | nogroups | 15 | nogroups |
14 | nonewprivs | 16 | nonewprivs |
15 | noroot | 17 | noroot |
16 | nosound | 18 | nosound |
17 | shell none | ||
18 | seccomp | ||
19 | protocol unix | 19 | protocol unix |
20 | seccomp | ||
21 | shell none | ||
20 | 22 | ||
21 | # private-bin | 23 | # private-bin |
22 | # private-dev | 24 | # private-dev |
23 | # private-tmp | 25 | # private-tmp |
24 | # private-etc | 26 | # private-etc |
25 | 27 | ||
28 | noexec ${HOME} | ||
29 | noexec /tmp | ||