diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-04-12 08:52:06 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-04-12 08:52:06 +0200 |
commit | 2ae7295f1a8d24217ccbf0fef149df0042969b56 (patch) | |
tree | 7befb3efffa6e3d2b91e2d6640cff781d90c905d /etc/profile-a-l | |
parent | Merge pull request #4180 from jose1711/readme_typo (diff) | |
download | firejail-2ae7295f1a8d24217ccbf0fef149df0042969b56.tar.gz firejail-2ae7295f1a8d24217ccbf0fef149df0042969b56.tar.zst firejail-2ae7295f1a8d24217ccbf0fef149df0042969b56.zip |
profile fixes
discord-canary.profile:
fix #4175
flameshot.profile:
- private-tmp break flameshot (wayland only?)
- Screengrabbing (under wayland) is done via dbus, the following names
must be allowed:
- GNOME: org.gnome.Shell
- KDE: org.kde.KWin
- Sway: org.freedesktop.portal.Desktop
- Allow notifications and tray too, because org.gnome.Shell (for
example) is already totaly unsafe.
mumble.profile:
fix #4181
Diffstat (limited to 'etc/profile-a-l')
-rw-r--r-- | etc/profile-a-l/discord-canary.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/flameshot.profile | 8 |
2 files changed, 8 insertions, 2 deletions
diff --git a/etc/profile-a-l/discord-canary.profile b/etc/profile-a-l/discord-canary.profile index 3e9dacd1e..43db95b8a 100644 --- a/etc/profile-a-l/discord-canary.profile +++ b/etc/profile-a-l/discord-canary.profile | |||
@@ -10,7 +10,7 @@ noblacklist ${HOME}/.config/discordcanary | |||
10 | mkdir ${HOME}/.config/discordcanary | 10 | mkdir ${HOME}/.config/discordcanary |
11 | whitelist ${HOME}/.config/discordcanary | 11 | whitelist ${HOME}/.config/discordcanary |
12 | 12 | ||
13 | private-bin discord-canary | 13 | private-bin discord-canary,electron,electron[0-9],electron[0-9][0-9] |
14 | private-opt discord-canary | 14 | private-opt discord-canary |
15 | 15 | ||
16 | # Redirect | 16 | # Redirect |
diff --git a/etc/profile-a-l/flameshot.profile b/etc/profile-a-l/flameshot.profile index 851a7c747..d1c18e690 100644 --- a/etc/profile-a-l/flameshot.profile +++ b/etc/profile-a-l/flameshot.profile | |||
@@ -54,9 +54,15 @@ private-bin flameshot | |||
54 | private-cache | 54 | private-cache |
55 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.conf,machine-id,pki,resolv.conf,ssl | 55 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.conf,machine-id,pki,resolv.conf,ssl |
56 | private-dev | 56 | private-dev |
57 | private-tmp | 57 | #private-tmp |
58 | 58 | ||
59 | dbus-user filter | 59 | dbus-user filter |
60 | dbus-user.own org.dharkael.Flameshot | 60 | dbus-user.own org.dharkael.Flameshot |
61 | dbus-user.own org.flameshot.Flameshot | 61 | dbus-user.own org.flameshot.Flameshot |
62 | dbus-user.talk org.freedesktop.Notifications | ||
63 | dbus-user.talk org.freedesktop.portal.Desktop | ||
64 | dbus-user.talk org.gnome.Shell | ||
65 | dbus-user.talk org.kde.KWin | ||
66 | dbus-user.talk org.kde.StatusNotifierWatcher | ||
67 | dbus-user.own org.kde.* | ||
62 | dbus-system none | 68 | dbus-system none |