diff options
author | smitsohu <smitsohu@gmail.com> | 2018-03-28 01:20:21 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-03-28 03:23:59 +0200 |
commit | 7a37dc31ab907d55eb88f2fa259f37046952a0c5 (patch) | |
tree | b6a3e76842eeb8c455e00585de0ab9fc38ef4fe0 /etc/cpio.profile | |
parent | Enable nodbus for keepassx and keepassxc profiles. (diff) | |
download | firejail-7a37dc31ab907d55eb88f2fa259f37046952a0c5.tar.gz firejail-7a37dc31ab907d55eb88f2fa259f37046952a0c5.tar.zst firejail-7a37dc31ab907d55eb88f2fa259f37046952a0c5.zip |
recalibrate dbus access, deploy nodbus option
see #1822 and #1825. also systematically replaces
'blacklist /run/user/*/bus' with 'nodbus'.
with contributions from @Fred-Barclay
Diffstat (limited to 'etc/cpio.profile')
-rw-r--r-- | etc/cpio.profile | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/cpio.profile b/etc/cpio.profile index caee6570e..445e1cec7 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile | |||
@@ -6,7 +6,6 @@ include /etc/firejail/cpio.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include /etc/firejail/globals.local | 7 | include /etc/firejail/globals.local |
8 | 8 | ||
9 | blacklist /run/user/*/bus | ||
10 | blacklist /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
11 | 10 | ||
12 | noblacklist /sbin | 11 | noblacklist /sbin |
@@ -19,6 +18,7 @@ include /etc/firejail/disable-programs.inc | |||
19 | caps.drop all | 18 | caps.drop all |
20 | net none | 19 | net none |
21 | no3d | 20 | no3d |
21 | nodbus | ||
22 | nodvd | 22 | nodvd |
23 | nonewprivs | 23 | nonewprivs |
24 | nosound | 24 | nosound |