diff options
author | smitsohu <smitsohu@gmail.com> | 2019-03-12 20:44:51 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-12 20:44:51 +0000 |
commit | aa2bdffc4b4d0437dd710a70546c87b8f882b100 (patch) | |
tree | e44a8864ec0964a6c72caa7b6297ca90d7e8fd21 /etc/gnome-system-log.profile | |
parent | Harden meld.profile (#2577) (diff) | |
download | firejail-aa2bdffc4b4d0437dd710a70546c87b8f882b100.tar.gz firejail-aa2bdffc4b4d0437dd710a70546c87b8f882b100.tar.zst firejail-aa2bdffc4b4d0437dd710a70546c87b8f882b100.zip |
add disable-exec.inc to all profiles with apparmor (#2576)
* add disable-exec.inc to all profiles with apparmor - #2385 #2505
* drop disable-exec.inc from generic electron.profile
Diffstat (limited to 'etc/gnome-system-log.profile')
-rw-r--r-- | etc/gnome-system-log.profile | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/etc/gnome-system-log.profile b/etc/gnome-system-log.profile index 69b0fe75c..c6af31ede 100644 --- a/etc/gnome-system-log.profile +++ b/etc/gnome-system-log.profile | |||
@@ -10,6 +10,7 @@ noblacklist /var/log | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -49,8 +50,6 @@ private-tmp | |||
49 | writable-var-log | 50 | writable-var-log |
50 | 51 | ||
51 | memory-deny-write-execute | 52 | memory-deny-write-execute |
52 | noexec ${HOME} | ||
53 | noexec /tmp | ||
54 | 53 | ||
55 | # uncomment this if you never export logs to a file in your ${HOME} | 54 | # uncomment this if you never export logs to a file in your ${HOME} |
56 | #read-only ${HOME} | 55 | #read-only ${HOME} |