aboutsummaryrefslogtreecommitdiffstats
path: root/etc/profile-a-l/geary.profile
diff options
context:
space:
mode:
authorLibravatar bbhtt <62639087+bbhtt@users.noreply.github.com>2020-12-28 13:10:15 +0000
committerLibravatar bbhtt <62639087+bbhtt@users.noreply.github.com>2020-12-28 13:10:15 +0000
commita8a8e33bc17263db763cd7bd803314f8d5dbd2c5 (patch)
treee6941abe0856b28a6f1b68c58ae88e8b4e68330a /etc/profile-a-l/geary.profile
parentshell autoselection fixup (diff)
downloadfirejail-a8a8e33bc17263db763cd7bd803314f8d5dbd2c5.tar.gz
firejail-a8a8e33bc17263db763cd7bd803314f8d5dbd2c5.tar.zst
firejail-a8a8e33bc17263db763cd7bd803314f8d5dbd2c5.zip
Add whitelisting to mutt; improve geary, new profile for neomutt
Diffstat (limited to 'etc/profile-a-l/geary.profile')
-rw-r--r--etc/profile-a-l/geary.profile61
1 files changed, 49 insertions, 12 deletions
diff --git a/etc/profile-a-l/geary.profile b/etc/profile-a-l/geary.profile
index f4e5a392f..3f96d8b25 100644
--- a/etc/profile-a-l/geary.profile
+++ b/etc/profile-a-l/geary.profile
@@ -4,19 +4,21 @@
4# Persistent local customizations 4# Persistent local customizations
5include geary.local 5include geary.local
6# Persistent global definitions 6# Persistent global definitions
7# added by included profile 7include globals.local
8#include globals.local
9
10# Users have Geary set to open a browser by clicking a link in an email
11# We are not allowed to blacklist browser-specific directories
12
13ignore dbus-user filter
14ignore dbus-system none
15ignore private-tmp
16 8
17noblacklist ${HOME}/.cache/geary 9noblacklist ${HOME}/.cache/geary
18noblacklist ${HOME}/.config/geary 10noblacklist ${HOME}/.config/geary
19noblacklist ${HOME}/.local/share/geary 11noblacklist ${HOME}/.local/share/geary
12noblacklist ${HOME}/.mozilla
13
14include disable-common.inc
15include disable-devel.inc
16include disable-exec.inc
17include disable-interpreters.inc
18include disable-passwdmgr.inc
19include disable-programs.inc
20include disable-shell.inc
21include disable-xdg.inc
20 22
21mkdir ${HOME}/.cache/geary 23mkdir ${HOME}/.cache/geary
22mkdir ${HOME}/.config/geary 24mkdir ${HOME}/.config/geary
@@ -24,8 +26,43 @@ mkdir ${HOME}/.local/share/geary
24whitelist ${HOME}/.cache/geary 26whitelist ${HOME}/.cache/geary
25whitelist ${HOME}/.config/geary 27whitelist ${HOME}/.config/geary
26whitelist ${HOME}/.local/share/geary 28whitelist ${HOME}/.local/share/geary
29whitelist ${HOME}/.mozilla/firefox/profiles.ini
30whitelist ${DOWNLOADS}
27whitelist /usr/share/geary 31whitelist /usr/share/geary
32include whitelist-common.inc
33include whitelist-runuser-common.inc
34include whitelist-usr-share-common.inc
35include whitelist-var-common.inc
36
37apparmor
38caps.drop all
39netfilter
40no3d
41nodvd
42nogroups
43nonewprivs
44noroot
45nosound
46notv
47nou2f
48novideo
49protocol unix,inet,inet6
50seccomp
51shell none
52tracelog
53
54# disable-mnt
55# Add ignore private-bin to geary.local for hyperlink support
56private-bin geary
57private-cache
58private-dev
59private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,pki,resolv.conf,selinux,ssl,xdg
60private-tmp
61
62dbus-user filter
63dbus-user.own org.gnome.Geary
64dbus-user.talk ca.desrt.dconf
65dbus-user.talk org.freedesktop.secrets
66dbus-system none
28 67
29# allow Mozilla browsers 68read-only ${HOME}/.mozilla/firefox/profiles.ini
30# Redirect
31include firefox.profile
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 13:04:55 +0000