diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2020-11-23 10:57:17 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-23 10:57:17 +0000 |
commit | 5d39ac4b3d1a0a3d40ab9e36f974634408f9711a (patch) | |
tree | 77013400e389ee222bb3f1189b4abf04b26707cf /etc/profile-m-z/xfce4-mixer.profile | |
parent | Merge pull request #3766 from kris7t/runuser-fixes (diff) | |
download | firejail-5d39ac4b3d1a0a3d40ab9e36f974634408f9711a.tar.gz firejail-5d39ac4b3d1a0a3d40ab9e36f974634408f9711a.tar.zst firejail-5d39ac4b3d1a0a3d40ab9e36f974634408f9711a.zip |
harden xfce4-mixer.profile
Diffstat (limited to 'etc/profile-m-z/xfce4-mixer.profile')
-rw-r--r-- | etc/profile-m-z/xfce4-mixer.profile | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile index 6ff4a1103..16a504ab3 100644 --- a/etc/profile-m-z/xfce4-mixer.profile +++ b/etc/profile-m-z/xfce4-mixer.profile | |||
@@ -19,6 +19,7 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 20 | mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
21 | whitelist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 21 | whitelist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
22 | whitelist /usr/share/gstreamer | ||
22 | whitelist /usr/share/xfce4 | 23 | whitelist /usr/share/xfce4 |
23 | whitelist /usr/share/xfce4-mixer | 24 | whitelist /usr/share/xfce4-mixer |
24 | include whitelist-common.inc | 25 | include whitelist-common.inc |
@@ -48,7 +49,9 @@ private-dev | |||
48 | private-etc alternatives,asound.conf,fonts,machine-id,pulse | 49 | private-etc alternatives,asound.conf,fonts,machine-id,pulse |
49 | private-tmp | 50 | private-tmp |
50 | 51 | ||
51 | # dbus-user none | 52 | dbus-user filter |
52 | # dbus-system none | 53 | dbus-user.own org.xfce.xfce4-mixer |
54 | dbus-user.talk org.xfce.Xfconf | ||
55 | dbus-system none | ||
53 | 56 | ||
54 | memory-deny-write-execute | 57 | memory-deny-write-execute |