diff options
author | smitsohu <smitsohu@gmail.com> | 2017-10-22 11:34:51 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-10-22 11:34:51 +0200 |
commit | 55938d07a58d29ceb893e4554a4ddf3c41810fc9 (patch) | |
tree | 1bfdbb2880816c44afcc524d55ab38e27c995e38 /etc/natron.profile | |
parent | fix baloo_file (diff) | |
download | firejail-55938d07a58d29ceb893e4554a4ddf3c41810fc9.tar.gz firejail-55938d07a58d29ceb893e4554a4ddf3c41810fc9.tar.zst firejail-55938d07a58d29ceb893e4554a4ddf3c41810fc9.zip |
disable non-abstract session bus address
systematically blacklist /run/user/*/bus in all profiles with
'net none'. targets distros like Fedora
Diffstat (limited to 'etc/natron.profile')
-rw-r--r-- | etc/natron.profile | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/natron.profile b/etc/natron.profile index b76649605..413ea53f9 100644 --- a/etc/natron.profile +++ b/etc/natron.profile | |||
@@ -5,6 +5,7 @@ include /etc/firejail/natron.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | blacklist /run/user/*/bus | ||
8 | 9 | ||
9 | noblacklist ${HOME}/.Natron | 10 | noblacklist ${HOME}/.Natron |
10 | noblacklist ${HOME}/.cache/INRIA/Natron | 11 | noblacklist ${HOME}/.cache/INRIA/Natron |
@@ -17,7 +18,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
17 | include /etc/firejail/disable-programs.inc | 18 | include /etc/firejail/disable-programs.inc |
18 | 19 | ||
19 | caps.drop all | 20 | caps.drop all |
20 | netfilter | 21 | net none |
21 | nodvd | 22 | nodvd |
22 | nogroups | 23 | nogroups |
23 | nonewprivs | 24 | nonewprivs |
@@ -26,7 +27,6 @@ notv | |||
26 | protocol unix,inet,inet6 | 27 | protocol unix,inet,inet6 |
27 | seccomp | 28 | seccomp |
28 | shell none | 29 | shell none |
29 | net none | ||
30 | 30 | ||
31 | private-bin natron,Natron,NatronRenderer | 31 | private-bin natron,Natron,NatronRenderer |
32 | 32 | ||