diff options
author | smitsohu <smitsohu@gmail.com> | 2017-10-29 13:06:19 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-10-29 13:06:19 +0100 |
commit | 8ef2c87931fa83c2d1fd6b35f23ac650adee6355 (patch) | |
tree | ad154ca76315d658334fb06b587e1df835fb137a /etc/iridium.profile | |
parent | fix for #1614 (--timeout) (diff) | |
download | firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.tar.gz firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.tar.zst firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.zip |
fix and harden various profiles
Diffstat (limited to 'etc/iridium.profile')
-rw-r--r-- | etc/iridium.profile | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/etc/iridium.profile b/etc/iridium.profile index db9c5c7cf..5b1268f4e 100644 --- a/etc/iridium.profile +++ b/etc/iridium.profile | |||
@@ -21,7 +21,17 @@ whitelist ~/.cache/iridium | |||
21 | whitelist ~/.config/iridium | 21 | whitelist ~/.config/iridium |
22 | whitelist ~/.pki | 22 | whitelist ~/.pki |
23 | include /etc/firejail/whitelist-common.inc | 23 | include /etc/firejail/whitelist-common.inc |
24 | include /etc/firejail/whitelist-var-common.inc | ||
24 | 25 | ||
26 | caps.keep sys_chroot,sys_admin | ||
25 | netfilter | 27 | netfilter |
26 | nodvd | 28 | nodvd |
29 | nogroups | ||
27 | notv | 30 | notv |
31 | shell none | ||
32 | |||
33 | private-dev | ||
34 | # private-tmp - problems with multiple browser sessions | ||
35 | |||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||