diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-03-05 07:06:21 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-03-05 07:06:21 +0000 |
commit | e934c66dba83d30fbfdbe16c8d64406f6c2e6bd3 (patch) | |
tree | 359737ade1acf082e0970b74239faa8689f7654d /etc/transmission-cli.profile | |
parent | direct link for new profile requests (diff) | |
download | firejail-e934c66dba83d30fbfdbe16c8d64406f6c2e6bd3.tar.gz firejail-e934c66dba83d30fbfdbe16c8d64406f6c2e6bd3.tar.zst firejail-e934c66dba83d30fbfdbe16c8d64406f6c2e6bd3.zip |
Refactor Transmission profiles (#2516)
* Harden transmission-cli.profile
* Harden transmission-gtk.profile
* Harden transmission-qt.profile
* Harden transmission-show.profile
* Create transmission-create.profile
* Create transmission-daemon.profile
* Create transmission-edit.profile
* Create transmission-remote.profile
* Create transmission-remote-cli.profile
* Create transmission-remote-gtk.profile
* Fix spacing in transmission-remote-cli.profile
* Add transmission-daemon to firecfg
Diffstat (limited to 'etc/transmission-cli.profile')
-rw-r--r-- | etc/transmission-cli.profile | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/etc/transmission-cli.profile b/etc/transmission-cli.profile index 89b9b21dc..65682df52 100644 --- a/etc/transmission-cli.profile +++ b/etc/transmission-cli.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for transmission-cli | 1 | # Firejail profile for transmission-cli |
2 | # Description: Lightweight BitTorrent client | 2 | # Description: Fast, easy and free BitTorrent client (CLI tools and web client) |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | # Persistent local customizations | 5 | # Persistent local customizations |
@@ -16,9 +16,11 @@ include disable-interpreters.inc | |||
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | apparmor | ||
19 | caps.drop all | 20 | caps.drop all |
20 | machine-id | 21 | machine-id |
21 | netfilter | 22 | netfilter |
23 | nodbus | ||
22 | nodvd | 24 | nodvd |
23 | nonewprivs | 25 | nonewprivs |
24 | noroot | 26 | noroot |
@@ -26,14 +28,17 @@ nosound | |||
26 | notv | 28 | notv |
27 | nou2f | 29 | nou2f |
28 | novideo | 30 | novideo |
29 | protocol unix,inet,inet6 | 31 | protocol inet,inet6 |
30 | seccomp | 32 | seccomp |
31 | shell none | 33 | shell none |
32 | tracelog | 34 | tracelog |
33 | 35 | ||
34 | # private-bin transmission-cli | 36 | # private-bin transmission-cli |
35 | private-dev | 37 | private-dev |
36 | private-etc alternatives,ca-certificates,ssl,pki,crypto-policies | 38 | private-etc alternatives,ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl |
39 | private-lib | ||
37 | private-tmp | 40 | private-tmp |
38 | 41 | ||
39 | memory-deny-write-execute | 42 | memory-deny-write-execute |
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||