diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-20 22:55:48 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-20 22:55:48 +0000 |
commit | 970d0bb1f783297a5d66672a9450befbe9948d8f (patch) | |
tree | 31225c1cd7fd089ff4eb25dbfacea1d1af35064c /etc | |
parent | Merge pull request #2428 from glitsj16/assogiate (diff) | |
parent | Harden devilspie2 profile (diff) | |
download | firejail-970d0bb1f783297a5d66672a9450befbe9948d8f.tar.gz firejail-970d0bb1f783297a5d66672a9450befbe9948d8f.tar.zst firejail-970d0bb1f783297a5d66672a9450befbe9948d8f.zip |
Merge pull request #2435 from glitsj16/devilspies
Harden devilspie{2} profiles
Diffstat (limited to 'etc')
-rw-r--r-- | etc/devilspie.profile | 3 | ||||
-rw-r--r-- | etc/devilspie2.profile | 2 |
2 files changed, 5 insertions, 0 deletions
diff --git a/etc/devilspie.profile b/etc/devilspie.profile index a809bee0c..d0a1ccf41 100644 --- a/etc/devilspie.profile +++ b/etc/devilspie.profile | |||
@@ -13,9 +13,12 @@ include disable-devel.inc | |||
13 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-xdg.inc | ||
16 | 17 | ||
18 | apparmor | ||
17 | caps.drop all | 19 | caps.drop all |
18 | ipc-namespace | 20 | ipc-namespace |
21 | # machine-id breaks audio; it should work fine in setups where sound is not required | ||
19 | machine-id | 22 | machine-id |
20 | net none | 23 | net none |
21 | no3d | 24 | no3d |
diff --git a/etc/devilspie2.profile b/etc/devilspie2.profile index d8c10413b..fbf765fa2 100644 --- a/etc/devilspie2.profile +++ b/etc/devilspie2.profile | |||
@@ -13,7 +13,9 @@ include disable-devel.inc | |||
13 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-xdg.inc | ||
16 | 17 | ||
18 | apparmor | ||
17 | caps.drop all | 19 | caps.drop all |
18 | ipc-namespace | 20 | ipc-namespace |
19 | machine-id | 21 | machine-id |