diff options
author | smitsohu <smitsohu@gmail.com> | 2017-10-08 01:51:06 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-10-08 01:51:06 +0200 |
commit | c6ce7577ca78c831d15215333e4f7fb9a0977909 (patch) | |
tree | 8bb555158f55e3078825319244359a9895c952e6 /etc/wireshark.profile | |
parent | fldd fixes (diff) | |
download | firejail-c6ce7577ca78c831d15215333e4f7fb9a0977909.tar.gz firejail-c6ce7577ca78c831d15215333e4f7fb9a0977909.tar.zst firejail-c6ce7577ca78c831d15215333e4f7fb9a0977909.zip |
some profile enhancements
Diffstat (limited to 'etc/wireshark.profile')
-rw-r--r-- | etc/wireshark.profile | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/etc/wireshark.profile b/etc/wireshark.profile index f1a17ba93..35e781f67 100644 --- a/etc/wireshark.profile +++ b/etc/wireshark.profile | |||
@@ -12,18 +12,19 @@ include /etc/firejail/disable-devel.inc | |||
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
14 | 14 | ||
15 | # caps.drop all | ||
15 | caps.keep dac_override,net_admin,net_raw | 16 | caps.keep dac_override,net_admin,net_raw |
16 | netfilter | 17 | netfilter |
17 | no3d | 18 | no3d |
18 | # nogroups - breaks unprivileged wireshark usage | 19 | # nogroups - breaks network traffic capture for unprivileged users |
19 | # nonewprivs - breaks unprivileged wireshark usage | 20 | # nonewprivs - breaks network traffic capture for unprivileged users |
20 | # noroot | 21 | # noroot |
21 | nodvd | 22 | nodvd |
22 | nosound | 23 | nosound |
23 | notv | 24 | notv |
24 | novideo | 25 | novideo |
25 | # protocol unix,inet,inet6,netlink | 26 | # protocol unix,inet,inet6,netlink |
26 | # seccomp - breaks unprivileged wireshark usage | 27 | # seccomp - breaks network traffic capture for unprivileged users |
27 | shell none | 28 | shell none |
28 | tracelog | 29 | tracelog |
29 | 30 | ||