diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-11-10 11:32:46 +0100 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-11-10 11:32:46 +0100 |
commit | af03401fb76217a1e4b4eac8393b88eef4f41099 (patch) | |
tree | 8029b17de1d74706692ee166668b285ce2d39c8e /etc/strings.profile | |
parent | add kfind profile (diff) | |
download | firejail-af03401fb76217a1e4b4eac8393b88eef4f41099.tar.gz firejail-af03401fb76217a1e4b4eac8393b88eef4f41099.tar.zst firejail-af03401fb76217a1e4b4eac8393b88eef4f41099.zip |
rework strings.profile
close #2988
Diffstat (limited to 'etc/strings.profile')
-rw-r--r-- | etc/strings.profile | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/etc/strings.profile b/etc/strings.profile index 0817d7331..52b762108 100644 --- a/etc/strings.profile +++ b/etc/strings.profile | |||
@@ -7,12 +7,16 @@ include strings.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | include disable-common.inc | 10 | #include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | 12 | include disable-exec.inc |
13 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 15 | #include disable-programs.inc |
16 | #include disable-xdg.inc | ||
17 | |||
18 | #include whitelist-usr-share-common.inc | ||
19 | #include whitelist-var-common.inc | ||
16 | 20 | ||
17 | apparmor | 21 | apparmor |
18 | caps.drop all | 22 | caps.drop all |
@@ -36,11 +40,11 @@ tracelog | |||
36 | x11 none | 40 | x11 none |
37 | 41 | ||
38 | #private | 42 | #private |
39 | private-bin strings | 43 | #private-bin strings |
40 | private-cache | 44 | private-cache |
41 | private-dev | 45 | private-dev |
42 | private-etc alternatives | 46 | #private-etc alternatives |
43 | private-lib libfakeroot | 47 | #private-lib libfakeroot |
44 | private-tmp | 48 | private-tmp |
45 | 49 | ||
46 | memory-deny-write-execute | 50 | memory-deny-write-execute |