diff options
author | smitsohu <smitsohu@gmail.com> | 2019-11-13 17:47:40 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-11-13 17:47:40 +0100 |
commit | dcda92c278ddea8c6e88b16b84f84c1314ac918a (patch) | |
tree | 1fc52c77f24b3811da351da7d1652d009de252bb /etc/wine.profile | |
parent | add signal mediation to apparmor profile (diff) | |
download | firejail-dcda92c278ddea8c6e88b16b84f84c1314ac918a.tar.gz firejail-dcda92c278ddea8c6e88b16b84f84c1314ac918a.tar.zst firejail-dcda92c278ddea8c6e88b16b84f84c1314ac918a.zip |
harden wine profile
Diffstat (limited to 'etc/wine.profile')
-rw-r--r-- | etc/wine.profile | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/wine.profile b/etc/wine.profile index 192c375cd..6a95c80a0 100644 --- a/etc/wine.profile +++ b/etc/wine.profile | |||
@@ -15,13 +15,19 @@ noblacklist ${HOME}/.wine | |||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | ||
18 | include disable-programs.inc | 19 | include disable-programs.inc |
19 | 20 | ||
20 | caps.drop all | 21 | caps.drop all |
22 | # net none | ||
21 | netfilter | 23 | netfilter |
22 | nodvd | 24 | nodvd |
23 | nogroups | 25 | nogroups |
24 | nonewprivs | 26 | nonewprivs |
25 | noroot | 27 | noroot |
26 | notv | 28 | notv |
29 | # novideo | ||
30 | # if seccomp breaks your program, add !ptrace to the next line | ||
27 | seccomp | 31 | seccomp |
32 | |||
33 | private-dev | ||