diff options
| author |  Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-04-15 22:06:37 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2017-04-15 22:06:37 +0000 |
| commit | f13aa1b80ac13085503bc190bf4ee7d7513607be (patch) | |
| tree | b32a354af0af97e19b779380382ec973275a1006 /etc/eog.profile | |
| parent | noblacklist .config/qt5ct (part 1) (diff) | |
| parent | Harden Steam (diff) | |
| download | firejail-f13aa1b80ac13085503bc190bf4ee7d7513607be.tar.gz firejail-f13aa1b80ac13085503bc190bf4ee7d7513607be.tar.zst firejail-f13aa1b80ac13085503bc190bf4ee7d7513607be.zip | |
Merge pull request #1220 from SpotComms/harden
Harden some profiles
Diffstat (limited to 'etc/eog.profile')
| -rw-r--r-- | etc/eog.profile | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/etc/eog.profile b/etc/eog.profile index c5afec7fa..7c2cd557c 100644 --- a/etc/eog.profile +++ b/etc/eog.profile | |||
| @@ -11,7 +11,9 @@ include /etc/firejail/disable-devel.inc | |||
| 11 | include /etc/firejail/disable-passwdmgr.inc | 11 | include /etc/firejail/disable-passwdmgr.inc |
| 12 | 12 | ||
| 13 | caps.drop all | 13 | caps.drop all |
| 14 | net none | ||
| 14 | netfilter | 15 | netfilter |
| 16 | no3d | ||
| 15 | nogroups | 17 | nogroups |
| 16 | nonewprivs | 18 | nonewprivs |
| 17 | noroot | 19 | noroot |
| @@ -24,3 +26,6 @@ private-bin eog | |||
| 24 | private-dev | 26 | private-dev |
| 25 | private-etc fonts | 27 | private-etc fonts |
| 26 | private-tmp | 28 | private-tmp |
| 29 | |||
| 30 | noexec ${HOME} | ||
| 31 | noexec /tmp | ||