diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2017-10-04 16:24:36 -0500 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2017-10-04 16:24:36 -0500 |
commit | c6259375dff79484b9f3d587da9fbfa76a3b68b9 (patch) | |
tree | 1b7c010c2f6b0886ccd7a537bb146f7f46cb1d7f /etc/google-chrome.profile | |
parent | Tighten spotify profile (diff) | |
download | firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.tar.gz firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.tar.zst firejail-c6259375dff79484b9f3d587da9fbfa76a3b68b9.zip |
Tighten multiple profiles.
This adds whitelist-var-common, machine-id, memory-deny-write-execute,
and noexec home and tmp when possible.
Diffstat (limited to 'etc/google-chrome.profile')
-rw-r--r-- | etc/google-chrome.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile index a50e0e89d..6e5175989 100644 --- a/etc/google-chrome.profile +++ b/etc/google-chrome.profile | |||
@@ -21,6 +21,7 @@ whitelist ~/.cache/google-chrome | |||
21 | whitelist ~/.config/google-chrome | 21 | whitelist ~/.config/google-chrome |
22 | whitelist ~/.pki | 22 | whitelist ~/.pki |
23 | include /etc/firejail/whitelist-common.inc | 23 | include /etc/firejail/whitelist-common.inc |
24 | include /etc/firejail/whitelist-var-common.inc | ||
24 | 25 | ||
25 | caps.keep sys_chroot,sys_admin | 26 | caps.keep sys_chroot,sys_admin |
26 | netfilter | 27 | netfilter |