diff options
author | Tad <tad@spotco.us> | 2017-09-16 14:11:43 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-09-18 18:24:13 -0400 |
commit | 3c3602fe4e747f3489c917f4de991c9043df9751 (patch) | |
tree | 052baee1387ce11b9ecd00e49a7c96d59f92d480 /etc/calligra.profile | |
parent | Fixup 36 profiles (diff) | |
download | firejail-3c3602fe4e747f3489c917f4de991c9043df9751.tar.gz firejail-3c3602fe4e747f3489c917f4de991c9043df9751.tar.zst firejail-3c3602fe4e747f3489c917f4de991c9043df9751.zip |
Harden 25 profiles
Diffstat (limited to 'etc/calligra.profile')
-rw-r--r-- | etc/calligra.profile | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/etc/calligra.profile b/etc/calligra.profile index 58006f203..e90c8efe8 100644 --- a/etc/calligra.profile +++ b/etc/calligra.profile | |||
@@ -12,15 +12,18 @@ include /etc/firejail/disable-programs.inc | |||
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
14 | ipc-namespace | 14 | ipc-namespace |
15 | net none | 15 | nodvd |
16 | nogroups | 16 | nogroups |
17 | nonewprivs | ||
17 | noroot | 18 | noroot |
19 | notv | ||
20 | novideo | ||
21 | protocol unix | ||
18 | seccomp | 22 | seccomp |
19 | shell none | 23 | shell none |
20 | 24 | ||
21 | private-bin calligra,calligraauthor,calligraconverter,calligraflow,calligraplan,calligraplanwork,calligrasheets,calligrastage,calligrawords,dbus-launch | 25 | private-bin calligra,calligraauthor,calligraconverter,calligraflow,calligraplan,calligraplanwork,calligrasheets,calligrastage,calligrawords,dbus-launch |
22 | private-dev | 26 | private-dev |
23 | #private-etc fonts,passwd,alternatives,X11 | ||
24 | 27 | ||
25 | noexec /home | 28 | noexec ${HOME} |
26 | noexec /tmp | 29 | noexec /tmp |