diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2020-02-08 01:55:12 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-08 01:55:12 +0000 |
commit | c5002a26b35a9f99a60efd3e5b3bbc026048b3d3 (patch) | |
tree | 25d4aefe9f4092cb7f85d23bf3ab4602ecd82d8a /etc | |
parent | harden makepkg.profile (diff) | |
download | firejail-c5002a26b35a9f99a60efd3e5b3bbc026048b3d3.tar.gz firejail-c5002a26b35a9f99a60efd3e5b3bbc026048b3d3.tar.zst firejail-c5002a26b35a9f99a60efd3e5b3bbc026048b3d3.zip |
include wvc to more profiles (#3209)
* include wvc in aria2c.profile
* include wvc in clawsker.profile
* include wvc in conky.profile
* include wvc in dconf.profile
* include wvc in dconf-editor.profile
* include wvc in exiftool.profile
* include wvc in font-manager.profile
* include wvc in gconf.profile
* include wvc in git.profile
* include wvc in gjs.profile
* include wvc in gpg.profile
* include wvc in img2txt.profile
* include wvc in mediainfo.profile
* include wvc in mpd.profile
* include wvc in nitroshare.profile
* include wvc in ocenaudio.profile
* include wvc to ping.profile
* include wvc in simple-scan.profile
* include wvc in simplescreenrecorder.profile
* include wvc in sysprof.profile
* include wvc in tshark.profile
* include wvc in uget-gtk.profile
* include wvc in viewnior.profile
* include wvc in weechat.profile
Diffstat (limited to 'etc')
-rw-r--r-- | etc/aria2c.profile | 1 | ||||
-rw-r--r-- | etc/clawsker.profile | 1 | ||||
-rw-r--r-- | etc/conky.profile | 1 | ||||
-rw-r--r-- | etc/dconf-editor.profile | 1 | ||||
-rw-r--r-- | etc/dconf.profile | 1 | ||||
-rw-r--r-- | etc/exiftool.profile | 1 | ||||
-rw-r--r-- | etc/font-manager.profile | 1 | ||||
-rw-r--r-- | etc/gconf.profile | 1 | ||||
-rw-r--r-- | etc/git.profile | 1 | ||||
-rw-r--r-- | etc/gjs.profile | 1 | ||||
-rw-r--r-- | etc/gpg.profile | 1 | ||||
-rw-r--r-- | etc/img2txt.profile | 1 | ||||
-rw-r--r-- | etc/mediainfo.profile | 1 | ||||
-rw-r--r-- | etc/mpd.profile | 1 | ||||
-rw-r--r-- | etc/nitroshare.profile | 1 | ||||
-rw-r--r-- | etc/ocenaudio.profile | 1 | ||||
-rw-r--r-- | etc/ping.profile | 3 | ||||
-rw-r--r-- | etc/simple-scan.profile | 1 | ||||
-rw-r--r-- | etc/simplescreenrecorder.profile | 1 | ||||
-rw-r--r-- | etc/sysprof.profile | 1 | ||||
-rw-r--r-- | etc/tshark.profile | 1 | ||||
-rw-r--r-- | etc/uget-gtk.profile | 1 | ||||
-rw-r--r-- | etc/viewnior.profile | 1 | ||||
-rw-r--r-- | etc/weechat.profile | 1 |
24 files changed, 25 insertions, 1 deletions
diff --git a/etc/aria2c.profile b/etc/aria2c.profile index 7819300af..a52a26d6f 100644 --- a/etc/aria2c.profile +++ b/etc/aria2c.profile | |||
@@ -21,6 +21,7 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | 22 | ||
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | ||
24 | 25 | ||
25 | caps.drop all | 26 | caps.drop all |
26 | ipc-namespace | 27 | ipc-namespace |
diff --git a/etc/clawsker.profile b/etc/clawsker.profile index 486b022ed..07db86c92 100644 --- a/etc/clawsker.profile +++ b/etc/clawsker.profile | |||
@@ -23,6 +23,7 @@ whitelist ${HOME}/.claws-mail | |||
23 | whitelist /usr/share/perl5 | 23 | whitelist /usr/share/perl5 |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | ||
26 | 27 | ||
27 | apparmor | 28 | apparmor |
28 | caps.drop all | 29 | caps.drop all |
diff --git a/etc/conky.profile b/etc/conky.profile index 78f92720f..10a243cd3 100644 --- a/etc/conky.profile +++ b/etc/conky.profile | |||
@@ -17,6 +17,7 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
20 | include whitelist-var-common.inc | ||
20 | 21 | ||
21 | caps.drop all | 22 | caps.drop all |
22 | ipc-namespace | 23 | ipc-namespace |
diff --git a/etc/dconf-editor.profile b/etc/dconf-editor.profile index f9300268f..a9d25128f 100644 --- a/etc/dconf-editor.profile +++ b/etc/dconf-editor.profile | |||
@@ -17,6 +17,7 @@ include disable-xdg.inc | |||
17 | whitelist ${HOME}/.local/share/glib-2.0 | 17 | whitelist ${HOME}/.local/share/glib-2.0 |
18 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
20 | include whitelist-var-common.inc | ||
20 | 21 | ||
21 | apparmor | 22 | apparmor |
22 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/dconf.profile b/etc/dconf.profile index 2ee573463..ea19b2209 100644 --- a/etc/dconf.profile +++ b/etc/dconf.profile | |||
@@ -20,6 +20,7 @@ whitelist ${HOME}/.local/share/glib-2.0 | |||
20 | # dconf paths are whitelisted by the following | 20 | # dconf paths are whitelisted by the following |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | ||
23 | 24 | ||
24 | apparmor | 25 | apparmor |
25 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/exiftool.profile b/etc/exiftool.profile index 9316a0585..daacbc0c7 100644 --- a/etc/exiftool.profile +++ b/etc/exiftool.profile | |||
@@ -21,6 +21,7 @@ include disable-programs.inc | |||
21 | whitelist /usr/share/perl5 | 21 | whitelist /usr/share/perl5 |
22 | whitelist /usr/share/perl-image-exiftool | 22 | whitelist /usr/share/perl-image-exiftool |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | ||
24 | 25 | ||
25 | apparmor | 26 | apparmor |
26 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/font-manager.profile b/etc/font-manager.profile index 064df38d7..ae0e32d1e 100644 --- a/etc/font-manager.profile +++ b/etc/font-manager.profile | |||
@@ -28,6 +28,7 @@ whitelist ${HOME}/.config/font-manager | |||
28 | whitelist /usr/share/font-manager | 28 | whitelist /usr/share/font-manager |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | ||
31 | 32 | ||
32 | apparmor | 33 | apparmor |
33 | caps.drop all | 34 | caps.drop all |
diff --git a/etc/gconf.profile b/etc/gconf.profile index f070e6944..96848575d 100644 --- a/etc/gconf.profile +++ b/etc/gconf.profile | |||
@@ -28,6 +28,7 @@ whitelist /usr/share/GConf | |||
28 | whitelist /usr/share/gconf | 28 | whitelist /usr/share/gconf |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | ||
31 | 32 | ||
32 | apparmor | 33 | apparmor |
33 | caps.drop all | 34 | caps.drop all |
diff --git a/etc/git.profile b/etc/git.profile index da55f8744..e5a2f3985 100644 --- a/etc/git.profile +++ b/etc/git.profile | |||
@@ -33,6 +33,7 @@ whitelist /usr/share/gitgui | |||
33 | whitelist /usr/share/gitweb | 33 | whitelist /usr/share/gitweb |
34 | whitelist /usr/share/nano | 34 | whitelist /usr/share/nano |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
36 | include whitelist-var-common.inc | ||
36 | 37 | ||
37 | apparmor | 38 | apparmor |
38 | caps.drop all | 39 | caps.drop all |
diff --git a/etc/gjs.profile b/etc/gjs.profile index aba020bc7..85dd57f29 100644 --- a/etc/gjs.profile +++ b/etc/gjs.profile | |||
@@ -23,6 +23,7 @@ include disable-passwdmgr.inc | |||
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | 24 | ||
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | ||
26 | 27 | ||
27 | caps.drop all | 28 | caps.drop all |
28 | netfilter | 29 | netfilter |
diff --git a/etc/gpg.profile b/etc/gpg.profile index a60d42cf8..b408a0123 100644 --- a/etc/gpg.profile +++ b/etc/gpg.profile | |||
@@ -22,6 +22,7 @@ whitelist /usr/share/gnupg | |||
22 | whitelist /usr/share/gnupg2 | 22 | whitelist /usr/share/gnupg2 |
23 | whitelist /usr/share/pacman/keyrings | 23 | whitelist /usr/share/pacman/keyrings |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | ||
25 | 26 | ||
26 | caps.drop all | 27 | caps.drop all |
27 | netfilter | 28 | netfilter |
diff --git a/etc/img2txt.profile b/etc/img2txt.profile index 419da765d..0b30ec33f 100644 --- a/etc/img2txt.profile +++ b/etc/img2txt.profile | |||
@@ -20,6 +20,7 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | whitelist /usr/share/imlib2 | 21 | whitelist /usr/share/imlib2 |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | ||
23 | 24 | ||
24 | apparmor | 25 | apparmor |
25 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index fb8db3e3d..40ae663fc 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile | |||
@@ -16,6 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | include whitelist-usr-share-common.inc | 18 | include whitelist-usr-share-common.inc |
19 | include whitelist-var-common.inc | ||
19 | 20 | ||
20 | apparmor | 21 | apparmor |
21 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/mpd.profile b/etc/mpd.profile index 80f4df7cb..3fda87a48 100644 --- a/etc/mpd.profile +++ b/etc/mpd.profile | |||
@@ -20,6 +20,7 @@ include disable-programs.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | ||
23 | 24 | ||
24 | caps.drop all | 25 | caps.drop all |
25 | netfilter | 26 | netfilter |
diff --git a/etc/nitroshare.profile b/etc/nitroshare.profile index 28879d09b..dfa64cff9 100644 --- a/etc/nitroshare.profile +++ b/etc/nitroshare.profile | |||
@@ -21,6 +21,7 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | 22 | ||
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | ||
24 | 25 | ||
25 | caps.drop all | 26 | caps.drop all |
26 | netfilter | 27 | netfilter |
diff --git a/etc/ocenaudio.profile b/etc/ocenaudio.profile index acc249000..a523a6c56 100644 --- a/etc/ocenaudio.profile +++ b/etc/ocenaudio.profile | |||
@@ -19,6 +19,7 @@ include disable-programs.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | ||
22 | 23 | ||
23 | apparmor | 24 | apparmor |
24 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/ping.profile b/etc/ping.profile index 11dbbcd58..5f68ee011 100644 --- a/etc/ping.profile +++ b/etc/ping.profile | |||
@@ -15,8 +15,9 @@ include disable-passwdmgr.inc | |||
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | include whitelist-usr-share-common.inc | ||
19 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-usr-share-common.inc | ||
20 | include whitelist-var-common.inc | ||
20 | 21 | ||
21 | caps.keep net_raw | 22 | caps.keep net_raw |
22 | ipc-namespace | 23 | ipc-namespace |
diff --git a/etc/simple-scan.profile b/etc/simple-scan.profile index ff6de9ec2..40fe8c566 100644 --- a/etc/simple-scan.profile +++ b/etc/simple-scan.profile | |||
@@ -18,6 +18,7 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | whitelist /usr/share/simple-scan | 19 | whitelist /usr/share/simple-scan |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | ||
21 | 22 | ||
22 | caps.drop all | 23 | caps.drop all |
23 | netfilter | 24 | netfilter |
diff --git a/etc/simplescreenrecorder.profile b/etc/simplescreenrecorder.profile index 5f8ab360f..f7103b62d 100644 --- a/etc/simplescreenrecorder.profile +++ b/etc/simplescreenrecorder.profile | |||
@@ -18,6 +18,7 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | whitelist /usr/share/simplescreenrecorder | 19 | whitelist /usr/share/simplescreenrecorder |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | ||
21 | 22 | ||
22 | apparmor | 23 | apparmor |
23 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/sysprof.profile b/etc/sysprof.profile index 9188df709..9761629d2 100644 --- a/etc/sysprof.profile +++ b/etc/sysprof.profile | |||
@@ -15,6 +15,7 @@ include disable-programs.inc | |||
15 | include disable-xdg.inc | 15 | include disable-xdg.inc |
16 | 16 | ||
17 | include whitelist-usr-share-common.inc | 17 | include whitelist-usr-share-common.inc |
18 | include whitelist-var-common.inc | ||
18 | 19 | ||
19 | apparmor | 20 | apparmor |
20 | caps.drop all | 21 | caps.drop all |
diff --git a/etc/tshark.profile b/etc/tshark.profile index 0decb95cf..22ced5d8a 100644 --- a/etc/tshark.profile +++ b/etc/tshark.profile | |||
@@ -17,6 +17,7 @@ include disable-xdg.inc | |||
17 | whitelist /usr/share/wireshark | 17 | whitelist /usr/share/wireshark |
18 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
20 | include whitelist-var-common.inc | ||
20 | 21 | ||
21 | #caps.keep net_raw | 22 | #caps.keep net_raw |
22 | caps.keep dac_override,net_admin,net_raw | 23 | caps.keep dac_override,net_admin,net_raw |
diff --git a/etc/uget-gtk.profile b/etc/uget-gtk.profile index ec1ac48a2..8a2e83a1a 100644 --- a/etc/uget-gtk.profile +++ b/etc/uget-gtk.profile | |||
@@ -17,6 +17,7 @@ whitelist ${DOWNLOADS} | |||
17 | whitelist ${HOME}/.config/uGet | 17 | whitelist ${HOME}/.config/uGet |
18 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
20 | include whitelist-var-common.inc | ||
20 | 21 | ||
21 | caps.drop all | 22 | caps.drop all |
22 | netfilter | 23 | netfilter |
diff --git a/etc/viewnior.profile b/etc/viewnior.profile index f9241c7e0..9f57b2971 100644 --- a/etc/viewnior.profile +++ b/etc/viewnior.profile | |||
@@ -20,6 +20,7 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | ||
23 | 24 | ||
24 | apparmor | 25 | apparmor |
25 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/weechat.profile b/etc/weechat.profile index cc340124d..800724054 100644 --- a/etc/weechat.profile +++ b/etc/weechat.profile | |||
@@ -13,6 +13,7 @@ include disable-programs.inc | |||
13 | 13 | ||
14 | whitelist /usr/share/perl5 | 14 | whitelist /usr/share/perl5 |
15 | include whitelist-usr-share-common.inc | 15 | include whitelist-usr-share-common.inc |
16 | include whitelist-var-common.inc | ||
16 | 17 | ||
17 | caps.drop all | 18 | caps.drop all |
18 | netfilter | 19 | netfilter |