diff options
| author |  ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com> | 2018-07-11 19:35:19 -0400 |
|---|---|---|
| committer | ಚಿರಾಗ್ ನಟರಾಜ್ <chiraag.nataraj@gmail.com> | 2018-07-11 19:35:19 -0400 |
| commit | 6108f459e375151e95bedf7090eb9b84169479e8 (patch) | |
| tree | c1da54ce10ec15bbc876f1c469b6ccc9bac8d054 /etc/firejail-default | |
| parent | Add warning that nodbus + blacklist of python3 breaks Gnome connector (see #2... (diff) | |
| download | firejail-6108f459e375151e95bedf7090eb9b84169479e8.tar.gz firejail-6108f459e375151e95bedf7090eb9b84169479e8.tar.zst firejail-6108f459e375151e95bedf7090eb9b84169479e8.zip | |
Blacklist all .snapshots directories in AppArmor profile
Diffstat (limited to 'etc/firejail-default')
| -rw-r--r-- | etc/firejail-default | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/firejail-default b/etc/firejail-default index 8bf42b3a3..28103a598 100644 --- a/etc/firejail-default +++ b/etc/firejail-default | |||
| @@ -83,6 +83,9 @@ deny /proc/@{PID}/oom_score_adj w, | |||
| 83 | # Uncomment to silence all denied write warnings | 83 | # Uncomment to silence all denied write warnings |
| 84 | #deny /sys/** w, | 84 | #deny /sys/** w, |
| 85 | 85 | ||
| 86 | # Blacklist snapshots | ||
| 87 | deny /**/.snapshots/ rwx, | ||
| 88 | |||
| 86 | ########## | 89 | ########## |
| 87 | # Allow running programs only from well-known system directories. If you need | 90 | # Allow running programs only from well-known system directories. If you need |
| 88 | # to run programs from your home directory, uncomment /home line. | 91 | # to run programs from your home directory, uncomment /home line. |