diff options
author | Tad <tad@spotco.us> | 2018-01-01 05:38:43 -0500 |
---|---|---|
committer | Tad <tad@spotco.us> | 2018-01-01 05:38:43 -0500 |
commit | 2cd93846c5133608e9870c6b8c0955bf0a09ab81 (patch) | |
tree | bb12bdc5453188a4eeb4aa5e7f62017d74daef4e /etc/tor-browser-zh-cn.profile | |
parent | tor flavours (diff) | |
download | firejail-2cd93846c5133608e9870c6b8c0955bf0a09ab81.tar.gz firejail-2cd93846c5133608e9870c6b8c0955bf0a09ab81.tar.zst firejail-2cd93846c5133608e9870c6b8c0955bf0a09ab81.zip |
Simplfy locale specific Tor Browser profiles
Diffstat (limited to 'etc/tor-browser-zh-cn.profile')
-rw-r--r-- | etc/tor-browser-zh-cn.profile | 38 |
1 files changed, 5 insertions, 33 deletions
diff --git a/etc/tor-browser-zh-cn.profile b/etc/tor-browser-zh-cn.profile index af04674f0..330574dd3 100644 --- a/etc/tor-browser-zh-cn.profile +++ b/etc/tor-browser-zh-cn.profile | |||
@@ -1,36 +1,8 @@ | |||
1 | # Firejail profile for tor-browser-zh-cn from the Arch User Repository: | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | ||
2 | 3 | ||
3 | 4 | noblacklist ${HOME}/.tor-browser-zh-cn | |
4 | blacklist /usr/local/bin | ||
5 | blacklist /boot | ||
6 | blacklist /media | ||
7 | blacklist /mnt | ||
8 | blacklist /opt | ||
9 | blacklist /var | ||
10 | |||
11 | private-bin bash,grep,sed,tail,tor-browser-zh-cn,env,id,readlink,dirname,test,mkdir,ln,sed,cp,rm,getconf,file,expr | ||
12 | whitelist ${HOME}/.tor-browser-zh-cn | 5 | whitelist ${HOME}/.tor-browser-zh-cn |
13 | whitelist /dev/dri | ||
14 | whitelist /dev/full | ||
15 | whitelist /dev/null | ||
16 | whitelist /dev/ptmx | ||
17 | whitelist /dev/pts | ||
18 | whitelist /dev/random | ||
19 | whitelist /dev/shm | ||
20 | whitelist /dev/snd | ||
21 | whitelist /dev/tty | ||
22 | whitelist /dev/urandom | ||
23 | whitelist /dev/video0 | ||
24 | whitelist /dev/zero | ||
25 | whitelist ~/Downloads | ||
26 | |||
27 | # FIXME: Spoof D-Bus machine id (tor-browser segfaults when it is missing!) | ||
28 | # https://github.com/netblue30/firejail/issues/955 | ||
29 | private-etc X11,pulse,machine-id | ||
30 | 6 | ||
31 | private-tmp | 7 | # Redirect |
32 | noexec /tmp | 8 | include /etc/firejail/torbrowser-launcher.profile |
33 | shell none | ||
34 | seccomp | ||
35 | noroot | ||
36 | caps.drop all | ||