diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-08-17 09:18:20 +1000 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-08-17 09:18:20 +1000 |
commit | 0773b2791af79418572373ac8297bea6060d65a9 (patch) | |
tree | cb79fb745f2667abaf638fbcfa407b950d33f3ee /etc/hexchat.profile | |
parent | overlay etc. (diff) | |
download | firejail-0773b2791af79418572373ac8297bea6060d65a9.tar.gz firejail-0773b2791af79418572373ac8297bea6060d65a9.tar.zst firejail-0773b2791af79418572373ac8297bea6060d65a9.zip |
tightened profiles
Diffstat (limited to 'etc/hexchat.profile')
-rw-r--r-- | etc/hexchat.profile | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/etc/hexchat.profile b/etc/hexchat.profile index 0d7ee6594..0ff64aef5 100644 --- a/etc/hexchat.profile +++ b/etc/hexchat.profile | |||
@@ -7,9 +7,11 @@ include /etc/firejail/disable-programs.inc | |||
7 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
8 | 8 | ||
9 | caps.drop all | 9 | caps.drop all |
10 | netfilter | ||
11 | nogroups | ||
10 | nonewprivs | 12 | nonewprivs |
11 | noroot | 13 | noroot |
12 | netfilter | 14 | nosound |
13 | protocol unix,inet,inet6 | 15 | protocol unix,inet,inet6 |
14 | seccomp | 16 | seccomp |
15 | 17 | ||
@@ -18,3 +20,5 @@ whitelist ~/.config/hexchat | |||
18 | include /etc/firejail/whitelist-common.inc | 20 | include /etc/firejail/whitelist-common.inc |
19 | 21 | ||
20 | # private-bin requires perl, python, etc. | 22 | # private-bin requires perl, python, etc. |
23 | private-dev | ||
24 | private-tmp | ||