diff options
| author |  Tad <tad@spotco.us> | 2017-07-05 09:40:54 -0400 |
|---|---|---|
| committer | Tad <tad@spotco.us> | 2017-08-02 00:13:42 -0400 |
| commit | 0dba38435ef92ccc01cc9ff23b69df55489ec983 (patch) | |
| tree | dfd1d8db02f579183fa77acdbde9aa315596220f /etc/mediainfo.profile | |
| parent | x11/xpra support (diff) | |
| download | firejail-0dba38435ef92ccc01cc9ff23b69df55489ec983.tar.gz firejail-0dba38435ef92ccc01cc9ff23b69df55489ec983.tar.zst firejail-0dba38435ef92ccc01cc9ff23b69df55489ec983.zip | |
Harden profiles
- Added 'disable-devel.conf' to many profiles
- Added 'disable-mnt' to many profiles
- Added 'noexec' to many profiles
- Removed 'netfilter' and 'net none' from profiles with 'protocol unix'
- Cleaned up profiles using defaults
Diffstat (limited to 'etc/mediainfo.profile')
| -rw-r--r-- | etc/mediainfo.profile | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index 59cb080d3..c6e95cc5c 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile | |||
| @@ -12,15 +12,13 @@ include /etc/firejail/disable-devel.inc | |||
| 12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
| 13 | 13 | ||
| 14 | caps.drop all | 14 | caps.drop all |
| 15 | nogroups | ||
| 16 | nonewprivs | 15 | nonewprivs |
| 16 | nogroups | ||
| 17 | noroot | 17 | noroot |
| 18 | nosound | 18 | nosound |
| 19 | no3d | 19 | no3d |
| 20 | protocol unix | 20 | protocol unix |
| 21 | seccomp | 21 | seccomp |
| 22 | netfilter | ||
| 23 | net none | ||
| 24 | shell none | 22 | shell none |
| 25 | tracelog | 23 | tracelog |
| 26 | 24 | ||