diff options
author | David Thole <david@thedarktrumpet.com> | 2019-06-01 06:56:57 -0500 |
---|---|---|
committer | David Thole <david@thedarktrumpet.com> | 2019-06-01 06:56:57 -0500 |
commit | 00ef6793e21d4b209f7acceaec86d3093273af16 (patch) | |
tree | caf61cf42475e08797bf73cb6f9d0aac840c24da /etc/teams-for-linux.profile | |
parent | Adding blacklist for teams-for-linux (diff) | |
download | firejail-00ef6793e21d4b209f7acceaec86d3093273af16.tar.gz firejail-00ef6793e21d4b209f7acceaec86d3093273af16.tar.zst firejail-00ef6793e21d4b209f7acceaec86d3093273af16.zip |
Disabling the lines for shell none and moving whitelist to the top of the file
Diffstat (limited to 'etc/teams-for-linux.profile')
-rw-r--r-- | etc/teams-for-linux.profile | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/etc/teams-for-linux.profile b/etc/teams-for-linux.profile index 96929ce60..3cbf6f709 100644 --- a/etc/teams-for-linux.profile +++ b/etc/teams-for-linux.profile | |||
@@ -6,14 +6,16 @@ include teams-for-linux.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | caps.drop all | ||
10 | whitelist ${HOME}/.config/teams-for-linux | ||
9 | include disable-common.inc | 11 | include disable-common.inc |
10 | include disable-devel.inc | 12 | include disable-devel.inc |
11 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
12 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
13 | include disable-programs.inc | 15 | # include disable-programs.inc |
16 | |||
14 | 17 | ||
15 | 18 | ||
16 | caps.drop all | ||
17 | netfilter | 19 | netfilter |
18 | nodvd | 20 | nodvd |
19 | nogroups | 21 | nogroups |
@@ -24,8 +26,8 @@ nou2f | |||
24 | novideo | 26 | novideo |
25 | protocol unix,inet,inet6,netlink | 27 | protocol unix,inet,inet6,netlink |
26 | seccomp | 28 | seccomp |
27 | shell none | 29 | # shell none |
28 | tracelog | 30 | # tracelog |
29 | 31 | ||
30 | private-bin sh,xdg-mime,tr,sed,echo,head,cut,xdg-open,grep,egrep,bash,zsh,teams-for-linux | 32 | private-bin sh,xdg-mime,tr,sed,echo,head,cut,xdg-open,grep,egrep,bash,zsh,teams-for-linux |
31 | private-dev | 33 | private-dev |
@@ -35,5 +37,5 @@ private-cache | |||
35 | disable-mnt | 37 | disable-mnt |
36 | 38 | ||
37 | noblacklist ${HOME}/.config/teams-for-linux | 39 | noblacklist ${HOME}/.config/teams-for-linux |
38 | whitelist ${HOME}/.config/teams-for-linux | 40 | |
39 | noexec /tmp | 41 | noexec /tmp |