diff options
author | Tad <tad@spotco.us> | 2017-07-04 10:51:43 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-07-04 11:35:29 -0400 |
commit | 5354f20012b488c50cd556e315b78ad351ae0f9d (patch) | |
tree | 89c737f738f8525da446786083473c249b8a9f79 /etc/hexchat.profile | |
parent | per-profile disable-mnt (diff) | |
download | firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.tar.gz firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.tar.zst firejail-5354f20012b488c50cd556e315b78ad351ae0f9d.zip |
Harden 50 profiles
Hardened many profiles using disable-mnt and novideo
Fixed gnome-font-viewer
Diffstat (limited to 'etc/hexchat.profile')
-rw-r--r-- | etc/hexchat.profile | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/hexchat.profile b/etc/hexchat.profile index ebfd9224c..36ddb9e89 100644 --- a/etc/hexchat.profile +++ b/etc/hexchat.profile | |||
@@ -22,6 +22,7 @@ nogroups | |||
22 | nonewprivs | 22 | nonewprivs |
23 | noroot | 23 | noroot |
24 | nosound | 24 | nosound |
25 | novideo | ||
25 | protocol unix,inet,inet6 | 26 | protocol unix,inet,inet6 |
26 | seccomp | 27 | seccomp |
27 | shell none | 28 | shell none |
@@ -35,6 +36,7 @@ private-bin hexchat | |||
35 | #debug note: private-bin requires perl, python, etc on some systems | 36 | #debug note: private-bin requires perl, python, etc on some systems |
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
39 | disable-mnt | ||
38 | 40 | ||
39 | noexec ${HOME} | 41 | noexec ${HOME} |
40 | noexec /tmp | 42 | noexec /tmp |