diff options
author | Tad <tad@spotco.us> | 2017-09-16 14:11:43 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-09-18 18:24:13 -0400 |
commit | 3c3602fe4e747f3489c917f4de991c9043df9751 (patch) | |
tree | 052baee1387ce11b9ecd00e49a7c96d59f92d480 /etc/cin.profile | |
parent | Fixup 36 profiles (diff) | |
download | firejail-3c3602fe4e747f3489c917f4de991c9043df9751.tar.gz firejail-3c3602fe4e747f3489c917f4de991c9043df9751.tar.zst firejail-3c3602fe4e747f3489c917f4de991c9043df9751.zip |
Harden 25 profiles
Diffstat (limited to 'etc/cin.profile')
-rw-r--r-- | etc/cin.profile | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/etc/cin.profile b/etc/cin.profile index e895805eb..93a94c910 100644 --- a/etc/cin.profile +++ b/etc/cin.profile | |||
@@ -15,14 +15,17 @@ include /etc/firejail/disable-programs.inc | |||
15 | caps.drop all | 15 | caps.drop all |
16 | ipc-namespace | 16 | ipc-namespace |
17 | net none | 17 | net none |
18 | nodvd | ||
18 | nogroups | 19 | nogroups |
20 | nonewprivs | ||
21 | notv | ||
19 | noroot | 22 | noroot |
23 | protocol unix | ||
20 | seccomp | 24 | seccomp |
21 | shell none | 25 | shell none |
22 | 26 | ||
23 | private-bin cin | 27 | private-bin cin |
24 | private-dev | 28 | private-dev |
25 | #private-etc fonts,pulse | ||
26 | 29 | ||
27 | noexec /home | 30 | noexec ${HOME} |
28 | noexec /tmp | 31 | noexec /tmp |