diff options
author | David Thole <david@thedarktrumpet.com> | 2019-06-02 20:58:23 -0500 |
---|---|---|
committer | David Thole <david@thedarktrumpet.com> | 2019-06-02 20:58:23 -0500 |
commit | 0b3e3c2d83bcb01557b6e1587c3bfa2565400622 (patch) | |
tree | 9637907ecd7a280bb82d6bd2017001543d400968 /etc | |
parent | Narrowed it down that I can use shell none, but can't use private-tmp (diff) | |
download | firejail-0b3e3c2d83bcb01557b6e1587c3bfa2565400622.tar.gz firejail-0b3e3c2d83bcb01557b6e1587c3bfa2565400622.tar.zst firejail-0b3e3c2d83bcb01557b6e1587c3bfa2565400622.zip |
Moving up the noblacklist, and uncommenting out the disable-programs again. Also adding disable-exec instead of the noexec /tmp block
Diffstat (limited to 'etc')
-rw-r--r-- | etc/teams-for-linux.profile | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/etc/teams-for-linux.profile b/etc/teams-for-linux.profile index 4a3874281..e36b1e26e 100644 --- a/etc/teams-for-linux.profile +++ b/etc/teams-for-linux.profile | |||
@@ -8,13 +8,13 @@ include globals.local | |||
8 | 8 | ||
9 | caps.drop all | 9 | caps.drop all |
10 | whitelist ${HOME}/.config/teams-for-linux | 10 | whitelist ${HOME}/.config/teams-for-linux |
11 | noblacklist ${HOME}/.config/teams-for-linux | ||
11 | include disable-common.inc | 12 | include disable-common.inc |
12 | include disable-devel.inc | 13 | include disable-devel.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | # include disable-programs.inc | 16 | include disable-exec.inc |
16 | 17 | include disable-programs.inc | |
17 | |||
18 | 18 | ||
19 | netfilter | 19 | netfilter |
20 | nodvd | 20 | nodvd |
@@ -35,6 +35,4 @@ private-tmp | |||
35 | private-cache | 35 | private-cache |
36 | disable-mnt | 36 | disable-mnt |
37 | 37 | ||
38 | noblacklist ${HOME}/.config/teams-for-linux | ||
39 | 38 | ||
40 | noexec /tmp | ||