diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-09-30 08:18:19 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-09-30 08:26:28 +0200 |
commit | f3912910c1a92883671fce6b75a72ec7de865716 (patch) | |
tree | 2dcacaf5d2e259ce4cf71c968d769533e6858591 /etc/profile-a-l/inkscape.profile | |
parent | Rework D-Bus policy of nheko (diff) | |
download | firejail-f3912910c1a92883671fce6b75a72ec7de865716.tar.gz firejail-f3912910c1a92883671fce6b75a72ec7de865716.tar.zst firejail-f3912910c1a92883671fce6b75a72ec7de865716.zip |
Profile fixes and hardening
* cheese
- fix: dbus-user.own org.gnome.Cheese
- fix: whitelist /usr/share/gstreamer-1.0
- fix: include allow-python3.inc
- hardening: include disable-shell.inc
- hardening: include whitelist-run-common.inc and whitelist /run/udev/data
- hardening: whitelist /usr/libexec/gstreamer-1.0/gst-plugin-scanner
- hardening: noinput
- hardening: nosound
- hardening: seccomp.block-secondary
- hardening: private-dev
* geekbench (closes #4576)
- fix: noblacklist /sbin and noblacklist /usr/sbin
- fix: noblacklist, blacklist, mkdir, whitelist, read-write ${HOME}/.geekbench5
- fix: comment/remove private-bin, private-lib, private-opt
* inkscape
- add quiet for cli usage
* musixmatch (#4518)
- allow chroot
* pandoc
- fix: include allow-bin-sh.inc
- fix: drop private-bin
- hardening: include whitelist-runuser-common.inc
- hardening: seccomp.block-secondary
Diffstat (limited to 'etc/profile-a-l/inkscape.profile')
-rw-r--r-- | etc/profile-a-l/inkscape.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/profile-a-l/inkscape.profile b/etc/profile-a-l/inkscape.profile index 5e54b5441..e0015e69a 100644 --- a/etc/profile-a-l/inkscape.profile +++ b/etc/profile-a-l/inkscape.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile for inkscape | 1 | # Firejail profile for inkscape |
2 | # Description: Vector-based drawing program | 2 | # Description: Vector-based drawing program |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | # Persistent local customizations | 5 | # Persistent local customizations |
5 | include inkscape.local | 6 | include inkscape.local |
6 | # Persistent global definitions | 7 | # Persistent global definitions |