diff options
author | netblue30 <netblue30@yahoo.com> | 2015-09-01 08:27:02 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-09-01 08:27:02 -0400 |
commit | 38f13e822b3771d5d34d7a4319f0f4baafea8648 (patch) | |
tree | dfe36e62a2dd0aeaac4122ccd653a0d5006e0233 /etc | |
parent | Merge pull request #51 from sarneaud/gitignore (diff) | |
parent | Add noblacklist command to firejail. (diff) | |
download | firejail-38f13e822b3771d5d34d7a4319f0f4baafea8648.tar.gz firejail-38f13e822b3771d5d34d7a4319f0f4baafea8648.tar.zst firejail-38f13e822b3771d5d34d7a4319f0f4baafea8648.zip |
Merge pull request #53 from sarneaud/noblacklist
Noblacklist
Diffstat (limited to 'etc')
-rw-r--r-- | etc/chromium.profile | 3 | ||||
-rw-r--r-- | etc/filezilla.profile | 4 | ||||
-rw-r--r-- | etc/firefox.profile | 3 | ||||
-rw-r--r-- | etc/midori.profile | 5 | ||||
-rw-r--r-- | etc/opera.profile | 3 | ||||
-rw-r--r-- | etc/server.profile | 4 |
6 files changed, 15 insertions, 7 deletions
diff --git a/etc/chromium.profile b/etc/chromium.profile index 13559a5a8..6c3a5f2f8 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile | |||
@@ -1,7 +1,8 @@ | |||
1 | # Chromium browser profile | 1 | # Chromium browser profile |
2 | noblacklist ${HOME}/.config/chromium | ||
2 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc chromium | 5 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
6 | netfilter | 7 | netfilter |
7 | 8 | ||
diff --git a/etc/filezilla.profile b/etc/filezilla.profile index dc5086595..437fa6d43 100644 --- a/etc/filezilla.profile +++ b/etc/filezilla.profile | |||
@@ -1,7 +1,9 @@ | |||
1 | # FileZilla profile | 1 | # FileZilla profile |
2 | noblacklist ${HOME}/.filezilla | ||
3 | noblacklist ${HOME}/.config/filezilla | ||
2 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 5 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc .filezilla | 6 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-history.inc | 7 | include /etc/firejail/disable-history.inc |
6 | caps.drop all | 8 | caps.drop all |
7 | seccomp | 9 | seccomp |
diff --git a/etc/firefox.profile b/etc/firefox.profile index cd504ab44..e5b820d39 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -1,7 +1,8 @@ | |||
1 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) | 1 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) |
2 | noblacklist ${HOME}/.mozilla | ||
2 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc .mozilla | 5 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
6 | caps.drop all | 7 | caps.drop all |
7 | seccomp | 8 | seccomp |
diff --git a/etc/midori.profile b/etc/midori.profile index b21bc94ef..5bc864e31 100644 --- a/etc/midori.profile +++ b/etc/midori.profile | |||
@@ -1,7 +1,8 @@ | |||
1 | # Midory browser profile | 1 | # Midori browser profile |
2 | noblacklist ${HOME}/.config/midori | ||
2 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc midori | 5 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
6 | caps.drop all | 7 | caps.drop all |
7 | seccomp | 8 | seccomp |
diff --git a/etc/opera.profile b/etc/opera.profile index 8f8dbc609..d55c0aaa3 100644 --- a/etc/opera.profile +++ b/etc/opera.profile | |||
@@ -1,7 +1,8 @@ | |||
1 | # Chromium browser profile | 1 | # Chromium browser profile |
2 | noblacklist ${HOME}/.config/opera | ||
2 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc opera | 5 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
6 | netfilter | 7 | netfilter |
7 | noroot | 8 | noroot |
diff --git a/etc/server.profile b/etc/server.profile index 1c6461094..5b706df9a 100644 --- a/etc/server.profile +++ b/etc/server.profile | |||
@@ -1,6 +1,8 @@ | |||
1 | # generic server profile | 1 | # generic server profile |
2 | # it allows /sbin and /usr/sbin directories - this is where servers are installed | 2 | # it allows /sbin and /usr/sbin directories - this is where servers are installed |
3 | include /etc/firejail/disable-mgmt.inc sbin | 3 | noblacklist /sbin |
4 | noblacklist /usr/sbin | ||
5 | include /etc/firejail/disable-mgmt.inc | ||
4 | private | 6 | private |
5 | private-dev | 7 | private-dev |
6 | seccomp | 8 | seccomp |