diff options
author | netblue30 <netblue30@yahoo.com> | 2016-06-28 07:58:20 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-06-28 07:58:20 -0400 |
commit | 4ece607b8f833cf0974bcf2a5e41f0504cbbff59 (patch) | |
tree | 430665bb64c6e2b893e17ceec2580c98df069534 /etc/cpio.profile | |
parent | cpio, gzip, strings, xzdec (diff) | |
download | firejail-4ece607b8f833cf0974bcf2a5e41f0504cbbff59.tar.gz firejail-4ece607b8f833cf0974bcf2a5e41f0504cbbff59.tar.zst firejail-4ece607b8f833cf0974bcf2a5e41f0504cbbff59.zip |
sysutils
Diffstat (limited to 'etc/cpio.profile')
-rw-r--r-- | etc/cpio.profile | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/etc/cpio.profile b/etc/cpio.profile index f10b82962..b0e59c106 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile | |||
@@ -1,10 +1,21 @@ | |||
1 | # cpio profile | 1 | # cpio profile |
2 | # testing: find . -print -depth | cpio -ov > tree.cpio | 2 | # /sbin and /usr/sbin are visible inside the sandbox |
3 | include /etc/firejail/default.profile | 3 | # /boot is not visible and /var is heavily modified |
4 | tracelog | 4 | |
5 | noblacklist /sbin | ||
6 | noblacklist /usr/sbin | ||
7 | include /etc/firejail/disable-common.inc | ||
8 | include /etc/firejail/disable-programs.inc | ||
9 | include /etc/firejail/disable-passwdmgr.inc | ||
10 | |||
11 | private-dev | ||
12 | private-tmp | ||
13 | seccomp | ||
14 | caps.drop all | ||
5 | net none | 15 | net none |
6 | shell none | 16 | shell none |
7 | private-bin cpio | 17 | tracelog |
8 | private-dev | 18 | net none |
19 | |||
9 | 20 | ||
10 | 21 | ||