diff options
author | smitsohu <smitsohu@gmail.com> | 2019-03-12 20:44:51 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-12 20:44:51 +0000 |
commit | aa2bdffc4b4d0437dd710a70546c87b8f882b100 (patch) | |
tree | e44a8864ec0964a6c72caa7b6297ca90d7e8fd21 /etc/gimp.profile | |
parent | Harden meld.profile (#2577) (diff) | |
download | firejail-aa2bdffc4b4d0437dd710a70546c87b8f882b100.tar.gz firejail-aa2bdffc4b4d0437dd710a70546c87b8f882b100.tar.zst firejail-aa2bdffc4b4d0437dd710a70546c87b8f882b100.zip |
add disable-exec.inc to all profiles with apparmor (#2576)
* add disable-exec.inc to all profiles with apparmor - #2385 #2505
* drop disable-exec.inc from generic electron.profile
Diffstat (limited to 'etc/gimp.profile')
-rw-r--r-- | etc/gimp.profile | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/gimp.profile b/etc/gimp.profile index 9b14b1fe8..91001cd30 100644 --- a/etc/gimp.profile +++ b/etc/gimp.profile | |||
@@ -6,12 +6,17 @@ include gimp.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # gimp plugins are installed by the user in ${HOME}/.gimp-2.8/plug-ins/ directory | ||
10 | # if you are not using external plugins, you can disable ignore noexec statement below | ||
11 | ignore noexec ${HOME} | ||
12 | |||
9 | noblacklist ${HOME}/.config/GIMP | 13 | noblacklist ${HOME}/.config/GIMP |
10 | noblacklist ${HOME}/.gimp* | 14 | noblacklist ${HOME}/.gimp* |
11 | noblacklist ${DOCUMENTS} | 15 | noblacklist ${DOCUMENTS} |
12 | noblacklist ${PICTURES} | 16 | noblacklist ${PICTURES} |
13 | 17 | ||
14 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-exec.inc | ||
15 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 21 | include disable-programs.inc |
17 | include disable-xdg.inc | 22 | include disable-xdg.inc |
@@ -35,8 +40,3 @@ shell none | |||
35 | 40 | ||
36 | private-dev | 41 | private-dev |
37 | private-tmp | 42 | private-tmp |
38 | |||
39 | # gimp plugins are installed by the user in ${HOME}/.gimp-2.8/plug-ins/ directory | ||
40 | # if you are not using external plugins, you can enable noexec statement below | ||
41 | # noexec ${HOME} | ||
42 | noexec /tmp | ||