diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-01-22 13:55:22 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-22 13:55:22 +0000 |
commit | 3188f41f18dc7cf73270b3db30ccca5e16e88ab4 (patch) | |
tree | fb16a3604371c597c14389d30159dc2a7942bc49 /etc | |
parent | Browsers: private-dev conditional with BROWSER_DISABLE_U2F (diff) | |
download | firejail-3188f41f18dc7cf73270b3db30ccca5e16e88ab4.tar.gz firejail-3188f41f18dc7cf73270b3db30ccca5e16e88ab4.tar.zst firejail-3188f41f18dc7cf73270b3db30ccca5e16e88ab4.zip |
Rework thunderbird.profile (#3091)
* Rework thunderbird.profile (1)
* Rework thunderbird.profile (2)
* Rework thunderbird.profile (3)
* Rework thunderbird.profile (4)
* Rework thunderbird.profile (5)
* Rework thunderbird.profile (6)
Diffstat (limited to 'etc')
-rw-r--r-- | etc/thunderbird.profile | 45 |
1 files changed, 26 insertions, 19 deletions
diff --git a/etc/thunderbird.profile b/etc/thunderbird.profile index e30b57498..6e888c163 100644 --- a/etc/thunderbird.profile +++ b/etc/thunderbird.profile | |||
@@ -6,13 +6,16 @@ include thunderbird.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Users have thunderbird set to open a browser by clicking a link in an email | 9 | # writable-run-user and dbus are needed by enigmail |
10 | # We are not allowed to blacklist browser-specific directories | 10 | ignore nodbus |
11 | writable-run-user | ||
11 | 12 | ||
12 | noblacklist ${HOME}/.cache/thunderbird | 13 | # If you want to read local mail stored in /var/mail, add the following to thunderbird.local: |
13 | noblacklist ${HOME}/.gnupg | 14 | #noblacklist /var/mail |
14 | # noblacklist ${HOME}/.icedove | 15 | #noblacklist /var/spool/mail |
15 | noblacklist ${HOME}/.thunderbird | 16 | #whitelist /var/mail |
17 | #whitelist /var/spool/mail | ||
18 | #writable-var | ||
16 | 19 | ||
17 | # Uncomment the next 4 lines or put them in your thunderbird.local to | 20 | # Uncomment the next 4 lines or put them in your thunderbird.local to |
18 | # allow Firefox to load your profile when clicking a link in an email | 21 | # allow Firefox to load your profile when clicking a link in an email |
@@ -21,6 +24,14 @@ noblacklist ${HOME}/.thunderbird | |||
21 | #whitelist ${HOME}/.cache/mozilla/firefox | 24 | #whitelist ${HOME}/.cache/mozilla/firefox |
22 | #whitelist ${HOME}/.mozilla | 25 | #whitelist ${HOME}/.mozilla |
23 | 26 | ||
27 | noblacklist ${HOME}/.cache/thunderbird | ||
28 | noblacklist ${HOME}/.gnupg | ||
29 | # noblacklist ${HOME}/.icedove | ||
30 | noblacklist ${HOME}/.thunderbird | ||
31 | |||
32 | include disable-passwdmgr.inc | ||
33 | include disable-xdg.inc | ||
34 | |||
24 | # If you have setup Thunderbird to archive emails to a local folder, | 35 | # If you have setup Thunderbird to archive emails to a local folder, |
25 | # make sure you add the path to that folder to the mkdir and whitelist | 36 | # make sure you add the path to that folder to the mkdir and whitelist |
26 | # rules below. Otherwise they will be deleted when you close Thunderbird. | 37 | # rules below. Otherwise they will be deleted when you close Thunderbird. |
@@ -34,23 +45,19 @@ whitelist ${HOME}/.gnupg | |||
34 | # whitelist ${HOME}/.icedove | 45 | # whitelist ${HOME}/.icedove |
35 | whitelist ${HOME}/.thunderbird | 46 | whitelist ${HOME}/.thunderbird |
36 | 47 | ||
37 | #whitelist /usr/share/mozilla | 48 | whitelist /usr/share/gnupg |
38 | #include whitelist-usr-share-common.inc | 49 | whitelist /usr/share/mozilla |
50 | whitelist /usr/share/webext | ||
51 | include whitelist-usr-share-common.inc | ||
52 | |||
53 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required | ||
54 | #machine-id | ||
55 | novideo | ||
39 | 56 | ||
40 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE | 57 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE |
41 | ignore private-tmp | 58 | ignore private-tmp |
42 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required | ||
43 | # machine-id | ||
44 | read-only ${HOME}/.config/mimeapps.list | ||
45 | # writable-run-user and dbus are needed by enigmail | ||
46 | writable-run-user | ||
47 | ignore nodbus | ||
48 | 59 | ||
49 | # If you want to read local mail stored in /var/mail, add the following to thunderbird.local: | 60 | read-only ${HOME}/.config/mimeapps.list |
50 | # noblacklist /var/mail | ||
51 | # noblacklist /var/spool/mail | ||
52 | # writable-var | ||
53 | 61 | ||
54 | # allow browsers | ||
55 | # Redirect | 62 | # Redirect |
56 | include firefox-common.profile | 63 | include firefox-common.profile |