More disable-exec and hardening

author: rusty-snake <print_hello_world+Public@protonmail.com> 2019-04-13 12:23:22 +0200
committer: rusty-snake <print_hello_world+Public@protonmail.com> 2019-04-13 12:23:22 +0200
commit: 947337b257612a0291f883149f1e001ccf26112b (patch)
tree: 60f54ba8745b106c91aabf5e454ec577c2fe8112 /etc/default.profile
parent: More disable-exec stuff (#2647) (diff)
download: firejail-947337b257612a0291f883149f1e001ccf26112b.tar.gz
firejail-947337b257612a0291f883149f1e001ccf26112b.tar.zst
firejail-947337b257612a0291f883149f1e001ccf26112b.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/default.profile b/etc/default.profile
index 3eacf9546..95a6e8095 100644
--- a/etc/default.profile
+++ b/etc/default.profile
@@ -19,6 +19,8 @@ include disable-programs.inc
 # apparmor
 caps.drop all
 # ipc-namespace
+# machine-id
+# net none
 netfilter
 # no3d
 # nodbus
@@ -33,6 +35,7 @@ noroot
 protocol unix,inet,inet6
 seccomp
 # shell none
+# tracelog
 # disable-mnt
 # private
author	rusty-snake <print_hello_world+Public@protonmail.com>	2019-04-13 12:23:22 +0200
committer	rusty-snake <print_hello_world+Public@protonmail.com>	2019-04-13 12:23:22 +0200
commit	947337b257612a0291f883149f1e001ccf26112b (patch)
tree	60f54ba8745b106c91aabf5e454ec577c2fe8112 /etc/default.profile
parent	More disable-exec stuff (#2647) (diff)
download	firejail-947337b257612a0291f883149f1e001ccf26112b.tar.gz firejail-947337b257612a0291f883149f1e001ccf26112b.tar.zst firejail-947337b257612a0291f883149f1e001ccf26112b.zip