diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-07-10 00:00:11 +1000 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-07-10 00:00:11 +1000 |
commit | 2e1b94c4251e6a841672f3df96e3d503d380ef1b (patch) | |
tree | c9bde903608cc92747ebe53fa5a7dae4f3db435e /etc/palemoon.profile | |
parent | cleanup (diff) | |
download | firejail-2e1b94c4251e6a841672f3df96e3d503d380ef1b.tar.gz firejail-2e1b94c4251e6a841672f3df96e3d503d380ef1b.tar.zst firejail-2e1b94c4251e6a841672f3df96e3d503d380ef1b.zip |
private-bin conversion
Diffstat (limited to 'etc/palemoon.profile')
-rw-r--r-- | etc/palemoon.profile | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/etc/palemoon.profile b/etc/palemoon.profile index a74954ddb..302c20d7d 100644 --- a/etc/palemoon.profile +++ b/etc/palemoon.profile | |||
@@ -1,31 +1,30 @@ | |||
1 | # Firejail profile for Pale Moon | 1 | # Firejail profile for Pale Moon |
2 | |||
3 | # Noblacklists | ||
4 | noblacklist ~/.moonchild productions/pale moon | 2 | noblacklist ~/.moonchild productions/pale moon |
5 | noblacklist ~/.cache/moonchild productions/pale moon | 3 | noblacklist ~/.cache/moonchild productions/pale moon |
6 | |||
7 | # Included profiles | ||
8 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 5 | include /etc/firejail/disable-programs.inc |
10 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
11 | include /etc/firejail/whitelist-common.inc | 7 | include /etc/firejail/whitelist-common.inc |
12 | 8 | ||
13 | # Options | 9 | whitelist ${DOWNLOADS} |
10 | mkdir ~/.moonchild productions | ||
11 | whitelist ~/.moonchild productions | ||
12 | mkdir ~/.cache | ||
13 | mkdir ~/.cache/moonchild productions | ||
14 | mkdir ~/.cache/moonchild productions/pale moon | ||
15 | whitelist ~/.cache/moonchild productions/pale moon | ||
16 | |||
14 | caps.drop all | 17 | caps.drop all |
15 | netfilter | 18 | netfilter |
19 | nogroups | ||
16 | nonewprivs | 20 | nonewprivs |
17 | noroot | 21 | noroot |
18 | protocol unix,inet,inet6,netlink | 22 | protocol unix,inet,inet6,netlink |
19 | seccomp | 23 | seccomp |
24 | shell none | ||
20 | tracelog | 25 | tracelog |
21 | 26 | ||
22 | whitelist ${DOWNLOADS} | 27 | private-bin palemoon |
23 | mkdir ~/.moonchild productions | ||
24 | whitelist ~/.moonchild productions | ||
25 | mkdir ~/.cache | ||
26 | mkdir ~/.cache/moonchild productions | ||
27 | mkdir ~/.cache/moonchild productions/pale moon | ||
28 | whitelist ~/.cache/moonchild productions/pale moon | ||
29 | 28 | ||
30 | # These are uncommented in the Firefox profile. If you run into trouble you may | 29 | # These are uncommented in the Firefox profile. If you run into trouble you may |
31 | # want to uncomment (some of) them. | 30 | # want to uncomment (some of) them. |
@@ -56,3 +55,4 @@ whitelist ~/.config/lastpass | |||
56 | 55 | ||
57 | # experimental features | 56 | # experimental features |
58 | #private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse | 57 | #private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse |
58 | #private-dev (disabled for now as it will interfere with webcam use in palemoon) | ||