diff options
author | smitsohu <smitsohu@gmail.com> | 2017-10-31 02:24:39 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-10-31 02:24:39 +0100 |
commit | 871dfe351fd8cf19c8c7f330187c994b911ec995 (patch) | |
tree | fc7839dff34b0b14e92a0cd87d45f56f744d45cd /etc/kate.profile | |
parent | fix --ignore=quiet (diff) | |
download | firejail-871dfe351fd8cf19c8c7f330187c994b911ec995.tar.gz firejail-871dfe351fd8cf19c8c7f330187c994b911ec995.tar.zst firejail-871dfe351fd8cf19c8c7f330187c994b911ec995.zip |
harden kde
and whitelist kioslaverc because we don't know if kdeinit
will run outside or inside the sandbox.
Diffstat (limited to 'etc/kate.profile')
-rw-r--r-- | etc/kate.profile | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/etc/kate.profile b/etc/kate.profile index 69100d49d..85a98d67f 100644 --- a/etc/kate.profile +++ b/etc/kate.profile | |||
@@ -5,6 +5,8 @@ include /etc/firejail/kate.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | # blacklist /run/user/*/bus | ||
9 | |||
8 | noblacklist ~/.config/katepartrc | 10 | noblacklist ~/.config/katepartrc |
9 | noblacklist ~/.config/katerc | 11 | noblacklist ~/.config/katerc |
10 | noblacklist ~/.config/kateschemarc | 12 | noblacklist ~/.config/kateschemarc |
@@ -20,6 +22,7 @@ include /etc/firejail/disable-programs.inc | |||
20 | include /etc/firejail/whitelist-var-common.inc | 22 | include /etc/firejail/whitelist-var-common.inc |
21 | 23 | ||
22 | caps.drop all | 24 | caps.drop all |
25 | # net none | ||
23 | netfilter | 26 | netfilter |
24 | nodvd | 27 | nodvd |
25 | nogroups | 28 | nogroups |