diff options
author | Tad <tad@spotco.us> | 2017-07-04 10:51:43 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-07-04 11:35:29 -0400 |
commit | 5354f20012b488c50cd556e315b78ad351ae0f9d (patch) | |
tree | 89c737f738f8525da446786083473c249b8a9f79 /etc/gnome-2048.profile | |
parent | per-profile disable-mnt (diff) | |
download | firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.tar.gz firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.tar.zst firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.zip |
Harden 50 profiles
Hardened many profiles using disable-mnt and novideo
Fixed gnome-font-viewer
Diffstat (limited to 'etc/gnome-2048.profile')
-rw-r--r-- | etc/gnome-2048.profile | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile index 0e757a06f..5e0dfc2a1 100644 --- a/etc/gnome-2048.profile +++ b/etc/gnome-2048.profile | |||
@@ -26,7 +26,17 @@ include /etc/firejail/whitelist-common.inc | |||
26 | #Options | 26 | #Options |
27 | caps.drop all | 27 | caps.drop all |
28 | netfilter | 28 | netfilter |
29 | no3d | ||
29 | nonewprivs | 30 | nonewprivs |
30 | noroot | 31 | noroot |
32 | #nosound | ||
33 | novideo | ||
31 | protocol unix,inet,inet6 | 34 | protocol unix,inet,inet6 |
32 | seccomp | 35 | seccomp |
36 | |||
37 | private-dev | ||
38 | private-tmp | ||
39 | disable-mnt | ||
40 | |||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||