diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-01-07 13:58:37 +0100 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-01-08 22:01:41 +0100 |
commit | d0004b845d074d6a1bffa1b4212dd3782f4999c3 (patch) | |
tree | 4e3e3c8da0e6935ad49cce7bf04a2d81c1a3535c /etc | |
parent | refactor mattermost-desktop as electron redirect (#3806) (diff) | |
download | firejail-d0004b845d074d6a1bffa1b4212dd3782f4999c3.tar.gz firejail-d0004b845d074d6a1bffa1b4212dd3782f4999c3.tar.zst firejail-d0004b845d074d6a1bffa1b4212dd3782f4999c3.zip |
Harden openshot.profile
'dbus-user none' freeze openshot when clicking on open project,
'dbus-user filter' works.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/profile-m-z/openshot.profile | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/etc/profile-m-z/openshot.profile b/etc/profile-m-z/openshot.profile index e1839c724..ac960345a 100644 --- a/etc/profile-m-z/openshot.profile +++ b/etc/profile-m-z/openshot.profile | |||
@@ -19,6 +19,10 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist /usr/share/blender | ||
23 | whitelist /usr/share/inkscape | ||
24 | include whitelist-runuser-common.inc | ||
25 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
23 | 27 | ||
24 | apparmor | 28 | apparmor |
@@ -32,11 +36,14 @@ notv | |||
32 | nou2f | 36 | nou2f |
33 | protocol unix,inet,inet6,netlink | 37 | protocol unix,inet,inet6,netlink |
34 | seccomp | 38 | seccomp |
39 | seccomp.block-secondary | ||
35 | shell none | 40 | shell none |
36 | tracelog | 41 | tracelog |
37 | 42 | ||
43 | private-bin blender,inkscape,openshot,openshot-qt,python3* | ||
44 | private-cache | ||
38 | private-dev | 45 | private-dev |
39 | private-tmp | 46 | private-tmp |
40 | 47 | ||
41 | dbus-user none | 48 | dbus-user filter |
42 | dbus-system none | 49 | dbus-system none |