diff options
| author |  glitsj16 <glitsj16@users.noreply.github.com> | 2019-03-16 17:49:01 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2019-03-16 17:49:01 +0000 |
| commit | 0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c (patch) | |
| tree | f95e3eb3c3e9680ecab513c8d6be3736d372c3c5 /etc/seahorse-daemon.profile | |
| parent | Fix assogiate's private-bin (#2603) (diff) | |
| download | firejail-0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c.tar.gz firejail-0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c.tar.zst firejail-0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c.zip | |
Seahorse revisited (#2600)
* Refactor seahorse into a whitelist profile
* Refactor seahorse-tool as a whitelist profile
* Create seahorse-daemon.profile
* Add seahorse-daemon to firecfg
* Drop blacklist /tmp/.X11-unix from seahorse.profile
Thanks to @rusty-snake for pointing out blacklisting /tmp/.X11-unix is ridiculous for GUI's.
* Add non-GUI option to seahorse-daemon
Diffstat (limited to 'etc/seahorse-daemon.profile')
| -rw-r--r-- | etc/seahorse-daemon.profile | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/etc/seahorse-daemon.profile b/etc/seahorse-daemon.profile new file mode 100644 index 000000000..1beb0edc6 --- /dev/null +++ b/etc/seahorse-daemon.profile | |||
| @@ -0,0 +1,15 @@ | |||
| 1 | # Firejail profile for seahorse-daemon | ||
| 2 | # Description: PGP encryption and signing | ||
| 3 | # This file is overwritten after every install/update | ||
| 4 | # Persistent local customizations | ||
| 5 | include seahorse-daemon.local | ||
| 6 | # Persistent global definitions | ||
| 7 | # added by included profile | ||
| 8 | #include globals.local | ||
| 9 | |||
| 10 | blacklist /tmp/.X11-unix | ||
| 11 | |||
| 12 | memory-deny-write-execute | ||
| 13 | |||
| 14 | # Redirect | ||
| 15 | include seahorse.profile | ||