diff options
| author |  glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-24 20:46:50 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2019-02-24 20:46:50 +0000 |
| commit | 5678df608625fb8b7d7aefc48952db2414b0ac67 (patch) | |
| tree | 644ee19890b7791426b600f28f7c1b1d9e8260c0 /etc/checkbashisms.profile | |
| parent | Harden arch-audit.profile (#2450) (diff) | |
| download | firejail-5678df608625fb8b7d7aefc48952db2414b0ac67.tar.gz firejail-5678df608625fb8b7d7aefc48952db2414b0ac67.tar.zst firejail-5678df608625fb8b7d7aefc48952db2414b0ac67.zip | |
Harden checkbashisms.profile (#2451)
Diffstat (limited to 'etc/checkbashisms.profile')
| -rw-r--r-- | etc/checkbashisms.profile | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile index 601ca58a9..fe2648792 100644 --- a/etc/checkbashisms.profile +++ b/etc/checkbashisms.profile | |||
| @@ -25,8 +25,10 @@ include disable-xdg.inc | |||
| 25 | 25 | ||
| 26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
| 27 | 27 | ||
| 28 | apparmor | ||
| 28 | caps.drop all | 29 | caps.drop all |
| 29 | ipc-namespace | 30 | ipc-namespace |
| 31 | machine-id | ||
| 30 | net none | 32 | net none |
| 31 | no3d | 33 | no3d |
| 32 | nodbus | 34 | nodbus |
| @@ -42,7 +44,9 @@ protocol unix | |||
| 42 | seccomp | 44 | seccomp |
| 43 | shell none | 45 | shell none |
| 44 | 46 | ||
| 47 | private-cache | ||
| 45 | private-dev | 48 | private-dev |
| 49 | private-lib perl* | ||
| 46 | private-tmp | 50 | private-tmp |
| 47 | 51 | ||
| 48 | memory-deny-write-execute | 52 | memory-deny-write-execute |