diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2020-04-07 16:14:25 -0500 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2020-04-07 16:14:25 -0500 |
commit | 3848b98961614e1776b29ecfb76ef4c750b6b25f (patch) | |
tree | 3c7f0b623978562ee23fba7f52b6a039571cebea /etc/vlc.profile | |
parent | dbus-proxy (gnome_games) (diff) | |
download | firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.gz firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.zst firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.zip |
Replace `nodbus` with dbus-* filters
See
- 07fac581f6b9b5ed068f4c54a9521b51826375c5 for new dbus filters
- https://github.com/netblue30/firejail/pull/3326#issuecomment-610423183
Except for ocenaudio, access/restrictions on dbus options should
be unchanged
Ocenaudio profile: dbus filters were sandboxed (initially `nodbus`
was enabled) since comments indicated blocking dbus meant
preferences were broken
Diffstat (limited to 'etc/vlc.profile')
-rw-r--r-- | etc/vlc.profile | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/vlc.profile b/etc/vlc.profile index 572758f28..0069ebeae 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -25,7 +25,6 @@ include whitelist-var-common.inc | |||
25 | #apparmor - on Ubuntu 18.04 it refuses to start without dbus access | 25 | #apparmor - on Ubuntu 18.04 it refuses to start without dbus access |
26 | caps.drop all | 26 | caps.drop all |
27 | netfilter | 27 | netfilter |
28 | #nodbus - dbus needed for MPRIS | ||
29 | nogroups | 28 | nogroups |
30 | nonewprivs | 29 | nonewprivs |
31 | noroot | 30 | noroot |
@@ -38,5 +37,9 @@ private-bin cvlc,nvlc,qvlc,rvlc,svlc,vlc | |||
38 | private-dev | 37 | private-dev |
39 | private-tmp | 38 | private-tmp |
40 | 39 | ||
40 | # dbus needed for MPRIS | ||
41 | # dbus-user none | ||
42 | # dbus-system none | ||
43 | |||
41 | # mdwe is disabled due to breaking hardware accelerated decoding | 44 | # mdwe is disabled due to breaking hardware accelerated decoding |
42 | #memory-deny-write-execute | 45 | #memory-deny-write-execute |