diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-05-02 17:58:02 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-02 17:58:02 +0000 |
commit | 49280197ccf830b708b1b7c4d6fb8b3590f44da2 (patch) | |
tree | 76ae21d4faa96a2970738aedc693b6b9ed3183c8 /etc/profile-a-l/frozen-bubble.profile | |
parent | fixes for zeal.profile (diff) | |
download | firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.tar.gz firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.tar.zst firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.zip |
various hardening (#3394)
Diffstat (limited to 'etc/profile-a-l/frozen-bubble.profile')
-rw-r--r-- | etc/profile-a-l/frozen-bubble.profile | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/etc/profile-a-l/frozen-bubble.profile b/etc/profile-a-l/frozen-bubble.profile index d1dc64bb9..9245ae3a9 100644 --- a/etc/profile-a-l/frozen-bubble.profile +++ b/etc/profile-a-l/frozen-bubble.profile | |||
@@ -17,10 +17,14 @@ include disable-exec.inc | |||
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-xdg.inc | ||
20 | 21 | ||
21 | mkdir ${HOME}/.frozen-bubble | 22 | mkdir ${HOME}/.frozen-bubble |
22 | whitelist ${HOME}/.frozen-bubble | 23 | whitelist ${HOME}/.frozen-bubble |
24 | whitelist /usr/share/perl5 | ||
23 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | ||
27 | include whitelist-usr-share-common.inc | ||
24 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
25 | 29 | ||
26 | apparmor | 30 | apparmor |
@@ -36,6 +40,7 @@ novideo | |||
36 | protocol unix,netlink | 40 | protocol unix,netlink |
37 | seccomp | 41 | seccomp |
38 | shell none | 42 | shell none |
43 | tracelog | ||
39 | 44 | ||
40 | disable-mnt | 45 | disable-mnt |
41 | # private-bin frozen-bubble | 46 | # private-bin frozen-bubble |