diff options
author | netblue30 <netblue30@yahoo.com> | 2017-04-18 07:23:57 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-04-18 07:23:57 -0400 |
commit | 7d4e6a5d607cd78d4ec5753c0af4463135e387f5 (patch) | |
tree | a0d279d7fd89a9550f8b011eeed42f7d467717ea /etc/brasero.profile | |
parent | Merge pull request #1229 from SpotComms/firecfg2 (diff) | |
parent | Harden some more profiles (diff) | |
download | firejail-7d4e6a5d607cd78d4ec5753c0af4463135e387f5.tar.gz firejail-7d4e6a5d607cd78d4ec5753c0af4463135e387f5.tar.zst firejail-7d4e6a5d607cd78d4ec5753c0af4463135e387f5.zip |
Merge pull request #1232 from SpotComms/harden3
Harden more profiles
Diffstat (limited to 'etc/brasero.profile')
-rw-r--r-- | etc/brasero.profile | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/etc/brasero.profile b/etc/brasero.profile index 6d84b0ca5..a15a54ddb 100644 --- a/etc/brasero.profile +++ b/etc/brasero.profile | |||
@@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc | |||
11 | include /etc/firejail/disable-passwdmgr.inc | 11 | include /etc/firejail/disable-passwdmgr.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
14 | ipc-namespace | ||
15 | net none | ||
14 | nogroups | 16 | nogroups |
15 | nonewprivs | 17 | nonewprivs |
16 | noroot | 18 | noroot |
@@ -22,6 +24,9 @@ shell none | |||
22 | tracelog | 24 | tracelog |
23 | 25 | ||
24 | # private-bin brasero | 26 | # private-bin brasero |
25 | # private-tmp | ||
26 | # private-dev | 27 | # private-dev |
27 | # private-etc fonts | 28 | # private-etc fonts |
29 | # private-tmp | ||
30 | |||
31 | noexec ${HOME} | ||
32 | noexec /tmp | ||