diff options
author | smitsohu <smitsohu@gmail.com> | 2017-09-03 21:34:07 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-09-03 21:34:07 +0200 |
commit | 8a0725cd013564500af985c728c1589ae9eb47f7 (patch) | |
tree | ac078334ce7fbde29e68a69ac7790a20df74e095 /etc/wireshark.profile | |
parent | Merge pull request #1523 from pizzadude/patch-4 (diff) | |
download | firejail-8a0725cd013564500af985c728c1589ae9eb47f7.tar.gz firejail-8a0725cd013564500af985c728c1589ae9eb47f7.tar.zst firejail-8a0725cd013564500af985c728c1589ae9eb47f7.zip |
tighten capability sets
Diffstat (limited to 'etc/wireshark.profile')
-rw-r--r-- | etc/wireshark.profile | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/wireshark.profile b/etc/wireshark.profile index 57f4f2f5b..7504d0b9c 100644 --- a/etc/wireshark.profile +++ b/etc/wireshark.profile | |||
@@ -12,7 +12,7 @@ include /etc/firejail/disable-devel.inc | |||
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
14 | 14 | ||
15 | # caps.drop all | 15 | caps.keep net_admin,net_raw |
16 | netfilter | 16 | netfilter |
17 | no3d | 17 | no3d |
18 | # nogroups - breaks unprivileged wireshark usage | 18 | # nogroups - breaks unprivileged wireshark usage |
@@ -21,6 +21,7 @@ no3d | |||
21 | nodvd | 21 | nodvd |
22 | nosound | 22 | nosound |
23 | notv | 23 | notv |
24 | novideo | ||
24 | # protocol unix,inet,inet6,netlink | 25 | # protocol unix,inet,inet6,netlink |
25 | # seccomp - breaks unprivileged wireshark usage | 26 | # seccomp - breaks unprivileged wireshark usage |
26 | shell none | 27 | shell none |