diff options
author | Tad <tad@spotco.us> | 2017-07-30 17:32:15 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-08-02 00:13:42 -0400 |
commit | 55b200c440fe49e3a2dadb2634025587083f774b (patch) | |
tree | 18193c7a24dbfb940fd6cee62c1ba64887d288ce /etc/google-chrome-unstable.profile | |
parent | Add noexec to more profiles as tested by @curiosity-seeker (diff) | |
download | firejail-55b200c440fe49e3a2dadb2634025587083f774b.tar.gz firejail-55b200c440fe49e3a2dadb2634025587083f774b.tar.zst firejail-55b200c440fe49e3a2dadb2634025587083f774b.zip |
Partially synchronize Chromium-based profiles
Diffstat (limited to 'etc/google-chrome-unstable.profile')
-rw-r--r-- | etc/google-chrome-unstable.profile | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/etc/google-chrome-unstable.profile b/etc/google-chrome-unstable.profile index 860e2488a..0675d7b49 100644 --- a/etc/google-chrome-unstable.profile +++ b/etc/google-chrome-unstable.profile | |||
@@ -16,8 +16,6 @@ include /etc/firejail/disable-programs.inc | |||
16 | # include /etc/firejail/disable-devel.inc | 16 | # include /etc/firejail/disable-devel.inc |
17 | # | 17 | # |
18 | 18 | ||
19 | netfilter | ||
20 | |||
21 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
22 | mkdir ~/.config/google-chrome-unstable | 20 | mkdir ~/.config/google-chrome-unstable |
23 | whitelist ~/.config/google-chrome-unstable | 21 | whitelist ~/.config/google-chrome-unstable |
@@ -27,5 +25,15 @@ mkdir ~/.pki | |||
27 | whitelist ~/.pki | 25 | whitelist ~/.pki |
28 | include /etc/firejail/whitelist-common.inc | 26 | include /etc/firejail/whitelist-common.inc |
29 | 27 | ||
28 | caps.keep sys_chroot,sys_admin | ||
29 | #ipc-namespace | ||
30 | netfilter | ||
31 | nogroups | ||
32 | shell none | ||
33 | |||
34 | private-dev | ||
35 | #private-tmp - problems with multiple browser sessions | ||
36 | #disable-mnt | ||
37 | |||
30 | noexec ${HOME} | 38 | noexec ${HOME} |
31 | noexec /tmp | 39 | noexec /tmp |