diff options
author | Tad <tad@spotco.us> | 2017-07-04 10:51:43 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-07-04 11:35:29 -0400 |
commit | 5354f20012b488c50cd556e315b78ad351ae0f9d (patch) | |
tree | 89c737f738f8525da446786083473c249b8a9f79 /etc/gnome-chess.profile | |
parent | per-profile disable-mnt (diff) | |
download | firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.tar.gz firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.tar.zst firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.zip |
Harden 50 profiles
Hardened many profiles using disable-mnt and novideo
Fixed gnome-font-viewer
Diffstat (limited to 'etc/gnome-chess.profile')
-rw-r--r-- | etc/gnome-chess.profile | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile index 9ff978803..8c098d592 100644 --- a/etc/gnome-chess.profile +++ b/etc/gnome-chess.profile | |||
@@ -14,10 +14,12 @@ include /etc/firejail/disable-programs.inc | |||
14 | include /etc/firejail/disable-passwdmgr.inc | 14 | include /etc/firejail/disable-passwdmgr.inc |
15 | 15 | ||
16 | caps.drop all | 16 | caps.drop all |
17 | no3d | ||
17 | nogroups | 18 | nogroups |
18 | nonewprivs | 19 | nonewprivs |
19 | noroot | 20 | noroot |
20 | nosound | 21 | nosound |
22 | novideo | ||
21 | protocol unix | 23 | protocol unix |
22 | seccomp | 24 | seccomp |
23 | shell none | 25 | shell none |
@@ -27,3 +29,7 @@ private-bin fairymax,gnome-chess,hoichess | |||
27 | private-dev | 29 | private-dev |
28 | private-etc fonts,gnome-chess | 30 | private-etc fonts,gnome-chess |
29 | private-tmp | 31 | private-tmp |
32 | disable-mnt | ||
33 | |||
34 | noexec ${HOME} | ||
35 | noexec /tmp | ||