aboutsummaryrefslogtreecommitdiffstats
path: root/etc/spectre-meltdown-checker.profile
diff options
context:
space:
mode:
authorLibravatar Fred Barclay <Fred-Barclay@users.noreply.github.com>2020-04-07 16:14:25 -0500
committerLibravatar Fred Barclay <Fred-Barclay@users.noreply.github.com>2020-04-07 16:14:25 -0500
commit3848b98961614e1776b29ecfb76ef4c750b6b25f (patch)
tree3c7f0b623978562ee23fba7f52b6a039571cebea /etc/spectre-meltdown-checker.profile
parentdbus-proxy (gnome_games) (diff)
downloadfirejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.gz
firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.zst
firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.zip
Replace `nodbus` with dbus-* filters
See - 07fac581f6b9b5ed068f4c54a9521b51826375c5 for new dbus filters - https://github.com/netblue30/firejail/pull/3326#issuecomment-610423183 Except for ocenaudio, access/restrictions on dbus options should be unchanged Ocenaudio profile: dbus filters were sandboxed (initially `nodbus` was enabled) since comments indicated blocking dbus meant preferences were broken
Diffstat (limited to 'etc/spectre-meltdown-checker.profile')
-rw-r--r--etc/spectre-meltdown-checker.profile4
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile
index e27df4cc8..a0b99abcf 100644
--- a/etc/spectre-meltdown-checker.profile
+++ b/etc/spectre-meltdown-checker.profile
@@ -31,7 +31,6 @@ caps.keep sys_rawio
31ipc-namespace 31ipc-namespace
32net none 32net none
33no3d 33no3d
34nodbus
35nodvd 34nodvd
36nogroups 35nogroups
37nonewprivs 36nonewprivs
@@ -49,4 +48,7 @@ private-bin awk,bzip2,cat,coreos-install,cpucontrol,cut,dd,dirname,dmesg,dnf,ech
49private-cache 48private-cache
50private-tmp 49private-tmp
51 50
51dbus-user none
52dbus-system none
53
52memory-deny-write-execute 54memory-deny-write-execute
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-25 17:20:09 +0000