diff options
author | smitsohu <smitsohu@gmail.com> | 2017-08-08 21:31:50 +0200 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-08 14:31:50 -0500 |
commit | 40a51e179d90f54a20c539567adeed1ea0b94d78 (patch) | |
tree | 48f41f500a4a4cbdd1744365919dd0c2dc99931a /etc/mediathekview.profile | |
parent | Merges (diff) | |
download | firejail-40a51e179d90f54a20c539567adeed1ea0b94d78.tar.gz firejail-40a51e179d90f54a20c539567adeed1ea0b94d78.tar.zst firejail-40a51e179d90f54a20c539567adeed1ea0b94d78.zip |
various little profile fixes and enhancements (#1442)
* add novideo
* add novideo
* add novideo
* put noexec last
* blacklist Clementine configuration and database
* blacklist Clementine configuration and database
* add novideo
* add novideo, permit access to ~/.java
* add novideo
* spoof machine-id
* mimeapps.list is already in whitelist-common.inc
* ~/.local/share/applications is already read-only
see disable-common.inc
* mimeapps.list is already in whitelist-common.inc
* ~/.local/share/applications is already read-only
see disable-common.inc
* drop machine-id option
private-etc hides it anyway
Diffstat (limited to 'etc/mediathekview.profile')
-rw-r--r-- | etc/mediathekview.profile | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile index 5e980909b..bebe95a72 100644 --- a/etc/mediathekview.profile +++ b/etc/mediathekview.profile | |||
@@ -6,6 +6,7 @@ include /etc/firejail/mediathekview.local | |||
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ~/.config/vlc | 8 | noblacklist ~/.config/vlc |
9 | noblacklist ~/.java | ||
9 | noblacklist ~/.mediathek3 | 10 | noblacklist ~/.mediathek3 |
10 | 11 | ||
11 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
@@ -17,6 +18,7 @@ caps.drop all | |||
17 | netfilter | 18 | netfilter |
18 | nonewprivs | 19 | nonewprivs |
19 | noroot | 20 | noroot |
21 | novideo | ||
20 | protocol unix,inet,inet6 | 22 | protocol unix,inet,inet6 |
21 | seccomp | 23 | seccomp |
22 | tracelog | 24 | tracelog |