diff options
author | Tad <tad@spotco.us> | 2017-04-15 08:57:13 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-04-15 15:25:08 -0400 |
commit | 90cd669eba680369c6ba8d96af194b70c8cc8706 (patch) | |
tree | 31c4d14fa5b56003b9898c8e6d19f03b7d91b091 /etc/jd-gui.profile | |
parent | noblacklist .config/qt5ct (part 1) (diff) | |
download | firejail-90cd669eba680369c6ba8d96af194b70c8cc8706.tar.gz firejail-90cd669eba680369c6ba8d96af194b70c8cc8706.tar.zst firejail-90cd669eba680369c6ba8d96af194b70c8cc8706.zip |
Harden some profiles
Diffstat (limited to 'etc/jd-gui.profile')
-rw-r--r-- | etc/jd-gui.profile | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile index 2ba1a4380..25b7b5bb1 100644 --- a/etc/jd-gui.profile +++ b/etc/jd-gui.profile | |||
@@ -17,7 +17,18 @@ include /etc/firejail/disable-devel.inc | |||
17 | #Options | 17 | #Options |
18 | caps.drop all | 18 | caps.drop all |
19 | netfilter | 19 | netfilter |
20 | nogroups | ||
20 | nonewprivs | 21 | nonewprivs |
21 | noroot | 22 | noroot |
22 | protocol unix,inet,inet6 | 23 | #protocol unix |
23 | seccomp | 24 | seccomp |
25 | shell none | ||
26 | |||
27 | private-dev | ||
28 | private-tmp | ||
29 | |||
30 | noexec ${HOME} | ||
31 | noexec /tmp | ||
32 | |||
33 | no3d | ||
34 | nosound | ||