diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-03-16 17:49:01 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-16 17:49:01 +0000 |
commit | 0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c (patch) | |
tree | f95e3eb3c3e9680ecab513c8d6be3736d372c3c5 /etc/seahorse-daemon.profile | |
parent | Fix assogiate's private-bin (#2603) (diff) | |
download | firejail-0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c.tar.gz firejail-0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c.tar.zst firejail-0ea4ed8408f6fc506f9e4bef0f9e94fe14ea8d9c.zip |
Seahorse revisited (#2600)
* Refactor seahorse into a whitelist profile
* Refactor seahorse-tool as a whitelist profile
* Create seahorse-daemon.profile
* Add seahorse-daemon to firecfg
* Drop blacklist /tmp/.X11-unix from seahorse.profile
Thanks to @rusty-snake for pointing out blacklisting /tmp/.X11-unix is ridiculous for GUI's.
* Add non-GUI option to seahorse-daemon
Diffstat (limited to 'etc/seahorse-daemon.profile')
-rw-r--r-- | etc/seahorse-daemon.profile | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/etc/seahorse-daemon.profile b/etc/seahorse-daemon.profile new file mode 100644 index 000000000..1beb0edc6 --- /dev/null +++ b/etc/seahorse-daemon.profile | |||
@@ -0,0 +1,15 @@ | |||
1 | # Firejail profile for seahorse-daemon | ||
2 | # Description: PGP encryption and signing | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include seahorse-daemon.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include globals.local | ||
9 | |||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | memory-deny-write-execute | ||
13 | |||
14 | # Redirect | ||
15 | include seahorse.profile | ||