diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-03-06 04:25:41 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-06 04:25:41 +0000 |
commit | f40cdf7ae36db8c14d5bf7ec8c2797ca7721316e (patch) | |
tree | 8f935eac1476f43b4b942c2d89305ee128a24f0d /etc/sqlitebrowser.profile | |
parent | Add dirname to private-bin in spectre-meltdown-checker (#2524) (diff) | |
download | firejail-f40cdf7ae36db8c14d5bf7ec8c2797ca7721316e.tar.gz firejail-f40cdf7ae36db8c14d5bf7ec8c2797ca7721316e.tar.zst firejail-f40cdf7ae36db8c14d5bf7ec8c2797ca7721316e.zip |
Add network functionality in sqlitebrowser.profile (#2525)
Diffstat (limited to 'etc/sqlitebrowser.profile')
-rw-r--r-- | etc/sqlitebrowser.profile | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/etc/sqlitebrowser.profile b/etc/sqlitebrowser.profile index 6bdd437cd..8122079e1 100644 --- a/etc/sqlitebrowser.profile +++ b/etc/sqlitebrowser.profile | |||
@@ -18,10 +18,11 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | include whitelist-var-common.inc | 19 | include whitelist-var-common.inc |
20 | 20 | ||
21 | apparmor | ||
21 | caps.drop all | 22 | caps.drop all |
22 | net none | 23 | ipc-namespace |
23 | no3d | 24 | netfilter |
24 | nodbus | 25 | # nodbus - breaks proxy creation |
25 | nodvd | 26 | nodvd |
26 | nogroups | 27 | nogroups |
27 | nonewprivs | 28 | nonewprivs |
@@ -30,15 +31,16 @@ nosound | |||
30 | notv | 31 | notv |
31 | nou2f | 32 | nou2f |
32 | novideo | 33 | novideo |
33 | protocol unix | 34 | protocol unix,inet,inet6,netlink |
34 | seccomp | 35 | seccomp |
35 | shell none | 36 | shell none |
36 | 37 | ||
37 | private-bin sqlitebrowser | 38 | private-bin sqlitebrowser |
38 | private-cache | 39 | private-cache |
39 | private-dev | 40 | private-dev |
41 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,machine-id,passwd,pki,ssl | ||
40 | private-tmp | 42 | private-tmp |
41 | 43 | ||
42 | # memory-deny-write-execute - breaks on Arch | 44 | memory-deny-write-execute |
43 | noexec ${HOME} | 45 | noexec ${HOME} |
44 | noexec /tmp | 46 | noexec /tmp |