diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-24 20:46:50 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-24 20:46:50 +0000 |
commit | 5678df608625fb8b7d7aefc48952db2414b0ac67 (patch) | |
tree | 644ee19890b7791426b600f28f7c1b1d9e8260c0 /etc/checkbashisms.profile | |
parent | Harden arch-audit.profile (#2450) (diff) | |
download | firejail-5678df608625fb8b7d7aefc48952db2414b0ac67.tar.gz firejail-5678df608625fb8b7d7aefc48952db2414b0ac67.tar.zst firejail-5678df608625fb8b7d7aefc48952db2414b0ac67.zip |
Harden checkbashisms.profile (#2451)
Diffstat (limited to 'etc/checkbashisms.profile')
-rw-r--r-- | etc/checkbashisms.profile | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile index 601ca58a9..fe2648792 100644 --- a/etc/checkbashisms.profile +++ b/etc/checkbashisms.profile | |||
@@ -25,8 +25,10 @@ include disable-xdg.inc | |||
25 | 25 | ||
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
28 | apparmor | ||
28 | caps.drop all | 29 | caps.drop all |
29 | ipc-namespace | 30 | ipc-namespace |
31 | machine-id | ||
30 | net none | 32 | net none |
31 | no3d | 33 | no3d |
32 | nodbus | 34 | nodbus |
@@ -42,7 +44,9 @@ protocol unix | |||
42 | seccomp | 44 | seccomp |
43 | shell none | 45 | shell none |
44 | 46 | ||
47 | private-cache | ||
45 | private-dev | 48 | private-dev |
49 | private-lib perl* | ||
46 | private-tmp | 50 | private-tmp |
47 | 51 | ||
48 | memory-deny-write-execute | 52 | memory-deny-write-execute |