diff options
author | smitsohu <smitsohu@gmail.com> | 2017-10-29 13:06:19 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-10-29 13:06:19 +0100 |
commit | 8ef2c87931fa83c2d1fd6b35f23ac650adee6355 (patch) | |
tree | ad154ca76315d658334fb06b587e1df835fb137a /etc/inox.profile | |
parent | fix for #1614 (--timeout) (diff) | |
download | firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.tar.gz firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.tar.zst firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.zip |
fix and harden various profiles
Diffstat (limited to 'etc/inox.profile')
-rw-r--r-- | etc/inox.profile | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/etc/inox.profile b/etc/inox.profile index de4d6205b..221acd309 100644 --- a/etc/inox.profile +++ b/etc/inox.profile | |||
@@ -20,11 +20,17 @@ whitelist ~/.cache/inox | |||
20 | whitelist ~/.config/inox | 20 | whitelist ~/.config/inox |
21 | whitelist ~/.pki | 21 | whitelist ~/.pki |
22 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
23 | include /etc/firejail/whitelist-var-common.inc | ||
23 | 24 | ||
24 | caps.keep sys_chroot,sys_admin | 25 | caps.keep sys_chroot,sys_admin |
25 | netfilter | 26 | netfilter |
26 | nodvd | 27 | nodvd |
27 | nogroups | 28 | nogroups |
28 | noroot | ||
29 | notv | 29 | notv |
30 | shell none | 30 | shell none |
31 | |||
32 | private-dev | ||
33 | # private-tmp - problems with multiple browser sessions | ||
34 | |||
35 | noexec ${HOME} | ||
36 | noexec /tmp | ||