Sync start-tor-browser with torbrowser-launcher profile'

start-tor-browser.profile should stay seperate from torbrowser-launcher for the case when downloaded manually. The other tor-browser-* are okay to extend torbrowser-launcher because their paths are known.
author: Tad <tad@spotco.us> 2018-02-27 02:34:22 -0500
committer: Tad <tad@spotco.us> 2018-02-27 02:34:22 -0500
commit: 63d455fbe6cfde2f97137f51b779d44f22cb4675 (patch)
tree: 6aaf268fa06938fdcc72ca450d5a9e6c94521172 /etc/start-tor-browser.profile
parent: Add ld.so.cache to torbrowser-launcher.profile (diff)
download: firejail-63d455fbe6cfde2f97137f51b779d44f22cb4675.tar.gz
firejail-63d455fbe6cfde2f97137f51b779d44f22cb4675.tar.zst
firejail-63d455fbe6cfde2f97137f51b779d44f22cb4675.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/etc/start-tor-browser.profile b/etc/start-tor-browser.profile
index a2bf47281..4cec0ad81 100644
--- a/etc/start-tor-browser.profile
+++ b/etc/start-tor-browser.profile
@@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/whitelist-var-common.inc
 caps.drop all
 netfilter
 nodvd
@@ -25,9 +27,9 @@ shell none
 tracelog
 disable-mnt
-private-bin bash,sh,grep,tail,env,gpg,id,readlink,dirname,test,mkdir,ln,sed,cp,rm,getconf
+private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher
 private-dev
-private-etc fonts
+private-etc fonts,hostname,hosts,resolv.conf,pki,ssl,ca-certificates,crypto-policies,alsa,asound.conf,pulse,machine-id,ld.so.cache
 private-tmp
 noexec /tmp
author	Tad <tad@spotco.us>	2018-02-27 02:34:22 -0500
committer	Tad <tad@spotco.us>	2018-02-27 02:34:22 -0500
commit	63d455fbe6cfde2f97137f51b779d44f22cb4675 (patch)
tree	6aaf268fa06938fdcc72ca450d5a9e6c94521172 /etc/start-tor-browser.profile
parent	Add ld.so.cache to torbrowser-launcher.profile (diff)
download	firejail-63d455fbe6cfde2f97137f51b779d44f22cb4675.tar.gz firejail-63d455fbe6cfde2f97137f51b779d44f22cb4675.tar.zst firejail-63d455fbe6cfde2f97137f51b779d44f22cb4675.zip

diff --git a/etc/start-tor-browser.profile b/etc/start-tor-browser.profile index a2bf47281..4cec0ad81 100644 --- a/etc/start-tor-browser.profile +++ b/etc/start-tor-browser.profile
@@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc
11	include /etc/firejail/disable-passwdmgr.inc	11	include /etc/firejail/disable-passwdmgr.inc
12	include /etc/firejail/disable-programs.inc	12	include /etc/firejail/disable-programs.inc
13		13
		14	include /etc/firejail/whitelist-var-common.inc
		15
14	caps.drop all	16	caps.drop all
15	netfilter	17	netfilter
16	nodvd	18	nodvd
@@ -25,9 +27,9 @@ shell none
25	tracelog	27	tracelog
26		28
27	disable-mnt	29	disable-mnt
28	private-bin bash,sh,grep,tail,env,gpg,id,readlink,dirname,test,mkdir,ln,sed,cp,rm,getconf	30	private-bin bash,cp,dirname,env,expr,file,getconf,gpg,grep,id,ln,mkdir,python*,readlink,rm,sed,sh,tail,test,tor-browser-en,torbrowser-launcher
29	private-dev	31	private-dev
30	private-etc fonts	32	private-etc fonts,hostname,hosts,resolv.conf,pki,ssl,ca-certificates,crypto-policies,alsa,asound.conf,pulse,machine-id,ld.so.cache
31	private-tmp	33	private-tmp
32		34
33	noexec /tmp	35	noexec /tmp