diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-05-02 17:58:02 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-02 17:58:02 +0000 |
commit | 49280197ccf830b708b1b7c4d6fb8b3590f44da2 (patch) | |
tree | 76ae21d4faa96a2970738aedc693b6b9ed3183c8 /etc/profile-m-z/pingus.profile | |
parent | fixes for zeal.profile (diff) | |
download | firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.tar.gz firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.tar.zst firejail-49280197ccf830b708b1b7c4d6fb8b3590f44da2.zip |
various hardening (#3394)
Diffstat (limited to 'etc/profile-m-z/pingus.profile')
-rw-r--r-- | etc/profile-m-z/pingus.profile | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile index cfe45b9c9..0b6a9ad5f 100644 --- a/etc/profile-m-z/pingus.profile +++ b/etc/profile-m-z/pingus.profile | |||
@@ -14,10 +14,14 @@ include disable-exec.inc | |||
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | ||
17 | 18 | ||
18 | mkdir ${HOME}/.pingus | 19 | mkdir ${HOME}/.pingus |
19 | whitelist ${HOME}/.pingus | 20 | whitelist ${HOME}/.pingus |
21 | whitelist /usr/share/pingus | ||
20 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
22 | 26 | ||
23 | apparmor | 27 | apparmor |
@@ -33,9 +37,13 @@ novideo | |||
33 | protocol unix,netlink | 37 | protocol unix,netlink |
34 | seccomp | 38 | seccomp |
35 | shell none | 39 | shell none |
40 | tracelog | ||
36 | 41 | ||
37 | # private-bin pingus | 42 | disbale-mnt |
43 | private-bin pingus,pingus.bin,sh | ||
44 | private-cache | ||
38 | private-dev | 45 | private-dev |
46 | private-etc machine-id | ||
39 | private-tmp | 47 | private-tmp |
40 | 48 | ||
41 | dbus-user none | 49 | dbus-user none |