diff options
| author |  smitsohu <smitsohu@gmail.com> | 2017-10-29 13:06:19 +0100 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2017-10-29 13:06:19 +0100 |
| commit | 8ef2c87931fa83c2d1fd6b35f23ac650adee6355 (patch) | |
| tree | ad154ca76315d658334fb06b587e1df835fb137a /etc/iridium.profile | |
| parent | fix for #1614 (--timeout) (diff) | |
| download | firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.tar.gz firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.tar.zst firejail-8ef2c87931fa83c2d1fd6b35f23ac650adee6355.zip | |
fix and harden various profiles
Diffstat (limited to 'etc/iridium.profile')
| -rw-r--r-- | etc/iridium.profile | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/etc/iridium.profile b/etc/iridium.profile index db9c5c7cf..5b1268f4e 100644 --- a/etc/iridium.profile +++ b/etc/iridium.profile | |||
| @@ -21,7 +21,17 @@ whitelist ~/.cache/iridium | |||
| 21 | whitelist ~/.config/iridium | 21 | whitelist ~/.config/iridium |
| 22 | whitelist ~/.pki | 22 | whitelist ~/.pki |
| 23 | include /etc/firejail/whitelist-common.inc | 23 | include /etc/firejail/whitelist-common.inc |
| 24 | include /etc/firejail/whitelist-var-common.inc | ||
| 24 | 25 | ||
| 26 | caps.keep sys_chroot,sys_admin | ||
| 25 | netfilter | 27 | netfilter |
| 26 | nodvd | 28 | nodvd |
| 29 | nogroups | ||
| 27 | notv | 30 | notv |
| 31 | shell none | ||
| 32 | |||
| 33 | private-dev | ||
| 34 | # private-tmp - problems with multiple browser sessions | ||
| 35 | |||
| 36 | noexec ${HOME} | ||
| 37 | noexec /tmp | ||