diff options
author | Thomas Jarosch <thomas.jarosch@intra2net.com> | 2016-07-30 23:10:50 +0200 |
---|---|---|
committer | Thomas Jarosch <thomas.jarosch@intra2net.com> | 2016-07-30 23:55:16 +0200 |
commit | 2d60937932a44ed5dfe3afecdae846386275a25a (patch) | |
tree | 7c73bb02ca722174ef5387fdbb2988f6b193b5a2 /etc/unzip.profile | |
parent | fixes (diff) | |
download | firejail-2d60937932a44ed5dfe3afecdae846386275a25a.tar.gz firejail-2d60937932a44ed5dfe3afecdae846386275a25a.tar.zst firejail-2d60937932a44ed5dfe3afecdae846386275a25a.zip |
Add profiles for tar (gtar), unzip and unrar
I've tested compression and uncompression of
various tar formats and also straced unzip/unrar
regarding their file access in /etc.
-> should be fine.
If you want to unpack files in /usr/bin,
then use the --ignore=private-bin switch.
Same for /etc: --ignore=private-etc
Diffstat (limited to 'etc/unzip.profile')
-rw-r--r-- | etc/unzip.profile | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/etc/unzip.profile b/etc/unzip.profile new file mode 100644 index 000000000..d4862004c --- /dev/null +++ b/etc/unzip.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # unzip profile | ||
2 | include /etc/firejail/default.profile | ||
3 | |||
4 | tracelog | ||
5 | net none | ||
6 | shell none | ||
7 | private-bin unzip | ||
8 | private-dev | ||
9 | private-etc passwd,group,localtime | ||
10 | hostname unzip | ||
11 | nosound | ||