diff options
author | Nex <nex@nex.sx> | 2020-12-29 17:53:40 +0100 |
---|---|---|
committer | Nex <nex@nex.sx> | 2020-12-29 17:53:40 +0100 |
commit | d60281e009d13ca997a1b2e2483a6a52f5355370 (patch) | |
tree | f3235c6d2c30a7802199a6180b314a3f96b0be27 /etc/profile-a-l/coyim.profile | |
parent | Added some more restrictions to coyim profile (diff) | |
download | firejail-d60281e009d13ca997a1b2e2483a6a52f5355370.tar.gz firejail-d60281e009d13ca997a1b2e2483a6a52f5355370.tar.zst firejail-d60281e009d13ca997a1b2e2483a6a52f5355370.zip |
Implementing some of the suggested changes from #3853
Diffstat (limited to 'etc/profile-a-l/coyim.profile')
-rw-r--r-- | etc/profile-a-l/coyim.profile | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/etc/profile-a-l/coyim.profile b/etc/profile-a-l/coyim.profile index 2ca6c20f8..80aae097e 100644 --- a/etc/profile-a-l/coyim.profile +++ b/etc/profile-a-l/coyim.profile | |||
@@ -15,11 +15,11 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-write-mnt.inc | ||
19 | include disable-xdg.inc | 18 | include disable-xdg.inc |
20 | 19 | ||
21 | mkdir ${HOME}/.config/coyim | 20 | mkdir ${HOME}/.config/coyim |
22 | whitelist ${HOME}/.config/coyim | 21 | whitelist ${HOME}/.config/coyim |
22 | include whitelist-common.inc | ||
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
25 | netfilter | 25 | netfilter |
@@ -37,10 +37,10 @@ tracelog | |||
37 | disable-mnt | 37 | disable-mnt |
38 | private-cache | 38 | private-cache |
39 | private-dev | 39 | private-dev |
40 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ssl | 40 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,ssl |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
43 | dbus-user none | 43 | dbus-user none |
44 | dbus-system none | 44 | dbus-system none |
45 | 45 | ||
46 | memory-deny-write-execute | 46 | #memory-deny-write-execute |