diff options
author | Tad <tad@spotco.us> | 2017-04-15 16:07:25 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-04-15 16:07:25 -0400 |
commit | b7d51c2df6fb62d7830bdd3a873fff618adb00dc (patch) | |
tree | b7970715f4f36fda11c39c34655fded68b354230 /etc/gimp.profile | |
parent | Harden dino (diff) | |
download | firejail-b7d51c2df6fb62d7830bdd3a873fff618adb00dc.tar.gz firejail-b7d51c2df6fb62d7830bdd3a873fff618adb00dc.tar.zst firejail-b7d51c2df6fb62d7830bdd3a873fff618adb00dc.zip |
Harden 19 more profiles
Diffstat (limited to 'etc/gimp.profile')
-rw-r--r-- | etc/gimp.profile | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/gimp.profile b/etc/gimp.profile index 4088bd680..5f8ccb4fb 100644 --- a/etc/gimp.profile +++ b/etc/gimp.profile | |||
@@ -10,16 +10,18 @@ include /etc/firejail/disable-passwdmgr.inc | |||
10 | 10 | ||
11 | caps.drop all | 11 | caps.drop all |
12 | netfilter | 12 | netfilter |
13 | net none | ||
13 | nogroups | 14 | nogroups |
14 | nonewprivs | 15 | nonewprivs |
15 | noroot | 16 | noroot |
16 | nosound | 17 | nosound |
17 | protocol unix | 18 | protocol unix |
18 | seccomp | 19 | seccomp |
20 | shell none | ||
19 | 21 | ||
20 | # gimp plugins are installed by the user in ~/.gimp-2.8/plug-ins/ directory | 22 | # gimp plugins are installed by the user in ~/.gimp-2.8/plug-ins/ directory |
21 | # if you are not using external plugins, you can enable noexec statement below | 23 | # if you are not using external plugins, you can enable noexec statement below |
22 | # noexec ${HOME} | 24 | # noexec ${HOME} |
23 | 25 | ||
24 | noexec /tmp | 26 | noexec /tmp |
25 | 27 | ||