Tighten multiple profiles.

This adds whitelist-var-common, machine-id, memory-deny-write-execute, and noexec home and tmp when possible.
author: Fred-Barclay <Fred-Barclay@users.noreply.github.com> 2017-10-04 16:24:36 -0500
committer: Fred-Barclay <Fred-Barclay@users.noreply.github.com> 2017-10-04 16:24:36 -0500
commit: c6259375dff79484b9f3d587da9fbfa76a3b68b9 (patch)
tree: 1b7c010c2f6b0886ccd7a537bb146f7f46cb1d7f /etc/gedit.profile
parent: Tighten spotify profile (diff)
download: firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.tar.gz
firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.tar.zst
firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/gedit.profile b/etc/gedit.profile
index 928006d08..5bf246d66 100644
--- a/etc/gedit.profile
+++ b/etc/gedit.profile
@@ -19,6 +19,7 @@ include /etc/firejail/whitelist-var-common.inc
 caps.drop all
 # net none - makes settings immutable
+machine-id
 no3d
 nodvd
 nogroups
@@ -37,5 +38,6 @@ private-dev
 # private-etc fonts
 private-tmp
+memory-deny-write-execute
 noexec ${HOME}
 noexec /tmp
author	Fred-Barclay <Fred-Barclay@users.noreply.github.com>	2017-10-04 16:24:36 -0500
committer	Fred-Barclay <Fred-Barclay@users.noreply.github.com>	2017-10-04 16:24:36 -0500
commit	c6259375dff79484b9f3d587da9fbfa76a3b68b9 (patch)
tree	1b7c010c2f6b0886ccd7a537bb146f7f46cb1d7f /etc/gedit.profile
parent	Tighten spotify profile (diff)
download	firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.tar.gz firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.tar.zst firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.zip