Add a profile for ZAProxy

author: Tad <tad@spotco.us> 2017-10-10 12:39:26 -0400
committer: Tad <tad@spotco.us> 2017-10-10 12:39:26 -0400
commit: 9627229b6ffe1566ffd26f9d3a8be2938784cc21 (patch)
tree: a08f0866e11f07fe239982957d5e03250a2b57e6 /etc/zaproxy.profile
parent: private-lib (diff)
download: firejail-9627229b6ffe1566ffd26f9d3a8be2938784cc21.tar.gz
firejail-9627229b6ffe1566ffd26f9d3a8be2938784cc21.tar.zst
firejail-9627229b6ffe1566ffd26f9d3a8be2938784cc21.zip
1 files changed, 42 insertions, 0 deletions
diff --git a/etc/zaproxy.profile b/etc/zaproxy.profile
new file mode 100644
index 000000000..3cce79a2e
--- /dev/null
+++ b/etc/zaproxy.profile
@@ -0,0 +1,42 @@
+# Firejail profile for zaproxy
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/zaproxy.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+noblacklist ${HOME}/.java
+noblacklist ${HOME}/.ZAP
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+mkdir ${HOME}/.ZAP
+whitelist ${HOME}/.java
+whitelist ${HOME}/.ZAP
+include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+ipc-namespace
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+disable-mnt
+private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
author	Tad <tad@spotco.us>	2017-10-10 12:39:26 -0400
committer	Tad <tad@spotco.us>	2017-10-10 12:39:26 -0400
commit	9627229b6ffe1566ffd26f9d3a8be2938784cc21 (patch)
tree	a08f0866e11f07fe239982957d5e03250a2b57e6 /etc/zaproxy.profile
parent	private-lib (diff)
download	firejail-9627229b6ffe1566ffd26f9d3a8be2938784cc21.tar.gz firejail-9627229b6ffe1566ffd26f9d3a8be2938784cc21.tar.zst firejail-9627229b6ffe1566ffd26f9d3a8be2938784cc21.zip

diff --git a/etc/zaproxy.profile b/etc/zaproxy.profile new file mode 100644 index 000000000..3cce79a2e --- /dev/null +++ b/etc/zaproxy.profile
@@ -0,0 +1,42 @@
	1	# Firejail profile for zaproxy
	2	# This file is overwritten after every install/update
	3	# Persistent local customizations
	4	include /etc/firejail/zaproxy.local
	5	# Persistent global definitions
	6	include /etc/firejail/globals.local
	7
	8	noblacklist ${HOME}/.java
	9	noblacklist ${HOME}/.ZAP
	10
	11	include /etc/firejail/disable-common.inc
	12	include /etc/firejail/disable-devel.inc
	13	include /etc/firejail/disable-passwdmgr.inc
	14	include /etc/firejail/disable-programs.inc
	15
	16	mkdir ${HOME}/.ZAP
	17	whitelist ${HOME}/.java
	18	whitelist ${HOME}/.ZAP
	19	include /etc/firejail/whitelist-common.inc
	20	include /etc/firejail/whitelist-var-common.inc
	21
	22	caps.drop all
	23	ipc-namespace
	24	netfilter
	25	no3d
	26	nodvd
	27	nogroups
	28	nonewprivs
	29	noroot
	30	nosound
	31	notv
	32	novideo
	33	protocol unix,inet,inet6
	34	seccomp
	35	shell none
	36
	37	disable-mnt
	38	private-dev
	39	private-tmp
	40
	41	noexec ${HOME}
	42	noexec /tmp