diff options
| author |  glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-24 22:22:43 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2019-02-24 22:22:43 +0000 |
| commit | 264f0441fff53a94760c34cb69262721818d0a50 (patch) | |
| tree | cb4829785e31a1d26606e4b3ac58050e202e406a /etc/file-roller.profile | |
| parent | Harden mediainfo.profile (#2467) (diff) | |
| download | firejail-264f0441fff53a94760c34cb69262721818d0a50.tar.gz firejail-264f0441fff53a94760c34cb69262721818d0a50.tar.zst firejail-264f0441fff53a94760c34cb69262721818d0a50.zip | |
Harden file-roller.profile (#2468)
Diffstat (limited to 'etc/file-roller.profile')
| -rw-r--r-- | etc/file-roller.profile | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/file-roller.profile b/etc/file-roller.profile index e4863bfc0..6ec5e05b1 100644 --- a/etc/file-roller.profile +++ b/etc/file-roller.profile | |||
| @@ -16,8 +16,11 @@ include whitelist-var-common.inc | |||
| 16 | 16 | ||
| 17 | apparmor | 17 | apparmor |
| 18 | caps.drop all | 18 | caps.drop all |
| 19 | ipc-namespace | ||
| 20 | machine-id | ||
| 19 | net none | 21 | net none |
| 20 | no3d | 22 | no3d |
| 23 | # nodbus makes settings immutable - comment if you need settings support | ||
| 21 | nodbus | 24 | nodbus |
| 22 | nodvd | 25 | nodvd |
| 23 | nogroups | 26 | nogroups |
| @@ -37,6 +40,6 @@ private-dev | |||
| 37 | # private-etc alternatives,fonts | 40 | # private-etc alternatives,fonts |
| 38 | # private-tmp | 41 | # private-tmp |
| 39 | 42 | ||
| 40 | #memory-deny-write-execute - breaks on Arch | 43 | memory-deny-write-execute |
| 41 | noexec ${HOME} | 44 | noexec ${HOME} |
| 42 | noexec /tmp | 45 | noexec /tmp |