diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-06-15 01:17:31 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-15 01:17:31 +0000 |
commit | 4fdecca909b1cdab1039d606a96a9dff500271c0 (patch) | |
tree | 33553f9e6c6c3a14730b08f8af880da94f6c93cd /etc/mpDris2.profile | |
parent | Create syscalls file (#2754) (diff) | |
download | firejail-4fdecca909b1cdab1039d606a96a9dff500271c0.tar.gz firejail-4fdecca909b1cdab1039d606a96a9dff500271c0.tar.zst firejail-4fdecca909b1cdab1039d606a96a9dff500271c0.zip |
Harden mpDris2 profile
Diffstat (limited to 'etc/mpDris2.profile')
-rw-r--r-- | etc/mpDris2.profile | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/etc/mpDris2.profile b/etc/mpDris2.profile index dc4dbf9a3..eb49b52ab 100644 --- a/etc/mpDris2.profile +++ b/etc/mpDris2.profile | |||
@@ -12,6 +12,8 @@ noblacklist ${HOME}/.config/mpDris2 | |||
12 | include allow-python2.inc | 12 | include allow-python2.inc |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
14 | 14 | ||
15 | noblacklist ${MUSIC} | ||
16 | |||
15 | include disable-common.inc | 17 | include disable-common.inc |
16 | include disable-devel.inc | 18 | include disable-devel.inc |
17 | include disable-exec.inc | 19 | include disable-exec.inc |
@@ -20,6 +22,12 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 22 | include disable-programs.inc |
21 | include disable-xdg.inc | 23 | include disable-xdg.inc |
22 | 24 | ||
25 | whitelist ${MUSIC} | ||
26 | |||
27 | mkdir ${HOME}/.config/mpDris2 | ||
28 | whitelist ${HOME}/.config/mpDris2 | ||
29 | include whitelist-var-common.inc | ||
30 | |||
23 | caps.drop all | 31 | caps.drop all |
24 | machine-id | 32 | machine-id |
25 | netfilter | 33 | netfilter |