diff options
author | Tad <tad@spotco.us> | 2017-07-30 17:32:15 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-08-02 00:13:42 -0400 |
commit | 55b200c440fe49e3a2dadb2634025587083f774b (patch) | |
tree | 18193c7a24dbfb940fd6cee62c1ba64887d288ce /etc/vivaldi.profile | |
parent | Add noexec to more profiles as tested by @curiosity-seeker (diff) | |
download | firejail-55b200c440fe49e3a2dadb2634025587083f774b.tar.gz firejail-55b200c440fe49e3a2dadb2634025587083f774b.tar.zst firejail-55b200c440fe49e3a2dadb2634025587083f774b.zip |
Partially synchronize Chromium-based profiles
Diffstat (limited to 'etc/vivaldi.profile')
-rw-r--r-- | etc/vivaldi.profile | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile index 7b9c4c9c6..fab620499 100644 --- a/etc/vivaldi.profile +++ b/etc/vivaldi.profile | |||
@@ -14,7 +14,6 @@ include /etc/firejail/disable-common.inc | |||
14 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
15 | include /etc/firejail/disable-devel.inc | 15 | include /etc/firejail/disable-devel.inc |
16 | 16 | ||
17 | netfilter | ||
18 | 17 | ||
19 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
20 | mkdir ~/.config/vivaldi | 19 | mkdir ~/.config/vivaldi |
@@ -23,5 +22,15 @@ mkdir ~/.cache/vivaldi | |||
23 | whitelist ~/.cache/vivaldi | 22 | whitelist ~/.cache/vivaldi |
24 | include /etc/firejail/whitelist-common.inc | 23 | include /etc/firejail/whitelist-common.inc |
25 | 24 | ||
25 | caps.keep sys_chroot,sys_admin | ||
26 | #ipc-namespace | ||
27 | netfilter | ||
28 | nogroups | ||
29 | shell none | ||
30 | |||
31 | private-dev | ||
32 | #private-tmp - problems with multiple browser sessions | ||
33 | #disable-mnt | ||
34 | |||
26 | noexec ${HOME} | 35 | noexec ${HOME} |
27 | noexec /tmp | 36 | noexec /tmp |