diff options
author | Your Name <you@example.com> | 2017-12-30 16:34:44 -0400 |
---|---|---|
committer | Your Name <you@example.com> | 2017-12-30 16:34:44 -0400 |
commit | dbb8a4568ec21b563cf6face932add5af4144334 (patch) | |
tree | 3ba4f8a156584f358dd0bbf8841af941a7b364dc /etc/tor-browser-ko.profile | |
parent | README (diff) | |
download | firejail-dbb8a4568ec21b563cf6face932add5af4144334.tar.gz firejail-dbb8a4568ec21b563cf6face932add5af4144334.tar.zst firejail-dbb8a4568ec21b563cf6face932add5af4144334.zip |
tor flavours
Diffstat (limited to 'etc/tor-browser-ko.profile')
-rw-r--r-- | etc/tor-browser-ko.profile | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/etc/tor-browser-ko.profile b/etc/tor-browser-ko.profile new file mode 100644 index 000000000..6e87bd24f --- /dev/null +++ b/etc/tor-browser-ko.profile | |||
@@ -0,0 +1,36 @@ | |||
1 | # Firejail profile for tor-browser-ko from the Arch User Repository: | ||
2 | |||
3 | |||
4 | blacklist /usr/local/bin | ||
5 | blacklist /boot | ||
6 | blacklist /media | ||
7 | blacklist /mnt | ||
8 | blacklist /opt | ||
9 | blacklist /var | ||
10 | |||
11 | private-bin bash,grep,sed,tail,tor-browser-ko,env,id,readlink,dirname,test,mkdir,ln,sed,cp,rm,getconf,file,expr | ||
12 | whitelist ${HOME}/.tor-browser-ko | ||
13 | whitelist /dev/dri | ||
14 | whitelist /dev/full | ||
15 | whitelist /dev/null | ||
16 | whitelist /dev/ptmx | ||
17 | whitelist /dev/pts | ||
18 | whitelist /dev/random | ||
19 | whitelist /dev/shm | ||
20 | whitelist /dev/snd | ||
21 | whitelist /dev/tty | ||
22 | whitelist /dev/urandom | ||
23 | whitelist /dev/video0 | ||
24 | whitelist /dev/zero | ||
25 | whitelist ~/Downloads | ||
26 | |||
27 | # FIXME: Spoof D-Bus machine id (tor-browser segfaults when it is missing!) | ||
28 | # https://github.com/netblue30/firejail/issues/955 | ||
29 | private-etc X11,pulse,machine-id | ||
30 | |||
31 | private-tmp | ||
32 | noexec /tmp | ||
33 | shell none | ||
34 | seccomp | ||
35 | noroot | ||
36 | caps.drop all | ||