diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2017-09-24 14:01:30 -0500 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2017-09-24 14:01:30 -0500 |
commit | 463ebe8b0b5ca47fea59f370fb8c1e7a7a0c8482 (patch) | |
tree | 1f3d7efd3f542010776b4417303fe2810b98c921 /etc/mate-calc.profile | |
parent | Fix gnome-calculator missing theme (diff) | |
download | firejail-463ebe8b0b5ca47fea59f370fb8c1e7a7a0c8482.tar.gz firejail-463ebe8b0b5ca47fea59f370fb8c1e7a7a0c8482.tar.zst firejail-463ebe8b0b5ca47fea59f370fb8c1e7a7a0c8482.zip |
tighten mate-calc profile
Diffstat (limited to 'etc/mate-calc.profile')
-rw-r--r-- | etc/mate-calc.profile | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile index caf3095a5..c59b2dcc7 100644 --- a/etc/mate-calc.profile +++ b/etc/mate-calc.profile | |||
@@ -12,8 +12,15 @@ include /etc/firejail/disable-devel.inc | |||
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
14 | 14 | ||
15 | whitelist ${HOME}/.cache/mate-calc | ||
16 | whitelist ${HOME}/.config/caja | ||
17 | whitelist ${HOME}/.config/gtk-3.0 | ||
18 | whitelist ${HOME}/.config/dconf | ||
19 | whitelist ${HOME}./config/mate-menu | ||
20 | whitelist ${HOME}/.themes | ||
21 | |||
15 | caps.drop all | 22 | caps.drop all |
16 | netfilter | 23 | net none |
17 | no3d | 24 | no3d |
18 | nodvd | 25 | nodvd |
19 | nogroups | 26 | nogroups |
@@ -27,8 +34,12 @@ seccomp | |||
27 | shell none | 34 | shell none |
28 | 35 | ||
29 | disable-mnt | 36 | disable-mnt |
37 | private-bin mate-calc,mate-calculator | ||
38 | private-etc fonts | ||
30 | private-dev | 39 | private-dev |
40 | private-opt none | ||
31 | private-tmp | 41 | private-tmp |
32 | 42 | ||
43 | memory-deny-write-execute | ||
33 | noexec ${HOME} | 44 | noexec ${HOME} |
34 | noexec /tmp | 45 | noexec /tmp |