diff options
author | netblue30 <netblue30@yahoo.com> | 2017-02-20 10:55:40 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-02-20 10:55:40 -0500 |
commit | 9d5f377dd3cdc599890c274686045f857d33a3b4 (patch) | |
tree | 0414a854bbecb4fa74f9c06efbb83bcb57143035 /etc/firefox.profile | |
parent | spelling (diff) | |
download | firejail-9d5f377dd3cdc599890c274686045f857d33a3b4.tar.gz firejail-9d5f377dd3cdc599890c274686045f857d33a3b4.tar.zst firejail-9d5f377dd3cdc599890c274686045f857d33a3b4.zip |
security: ~/.pki directory whitelisted and later blacklisted. This affects most browsers, and disables the custom certificates installed by the user.
Diffstat (limited to 'etc/firefox.profile')
-rw-r--r-- | etc/firefox.profile | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/firefox.profile b/etc/firefox.profile index ba655dec6..5f891ea3c 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -8,6 +8,7 @@ noblacklist ~/.cache/mozilla | |||
8 | noblacklist ~/.config/qpdfview | 8 | noblacklist ~/.config/qpdfview |
9 | noblacklist ~/.local/share/qpdfview | 9 | noblacklist ~/.local/share/qpdfview |
10 | noblacklist ~/.kde/share/apps/okular | 10 | noblacklist ~/.kde/share/apps/okular |
11 | noblacklist ~/.pki | ||
11 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
12 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
13 | include /etc/firejail/disable-devel.inc | 14 | include /etc/firejail/disable-devel.inc |
@@ -34,6 +35,7 @@ whitelist ~/.pentadactyl | |||
34 | whitelist ~/.keysnail.js | 35 | whitelist ~/.keysnail.js |
35 | whitelist ~/.config/gnome-mplayer | 36 | whitelist ~/.config/gnome-mplayer |
36 | whitelist ~/.cache/gnome-mplayer/plugin | 37 | whitelist ~/.cache/gnome-mplayer/plugin |
38 | mkdir ~/.pki | ||
37 | whitelist ~/.pki | 39 | whitelist ~/.pki |
38 | whitelist ~/.config/qpdfview | 40 | whitelist ~/.config/qpdfview |
39 | whitelist ~/.local/share/qpdfview | 41 | whitelist ~/.local/share/qpdfview |