diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-02-24 20:40:30 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-24 20:40:30 +0000 |
commit | cb176565030d229b8905a8873b0bf28b98d78914 (patch) | |
tree | 39fa9a749e94448eacffa0c69d711a5b0c467e81 /etc | |
parent | documentation update (diff) | |
download | firejail-cb176565030d229b8905a8873b0bf28b98d78914.tar.gz firejail-cb176565030d229b8905a8873b0bf28b98d78914.tar.zst firejail-cb176565030d229b8905a8873b0bf28b98d78914.zip |
Harden arch-audit.profile (#2450)
Diffstat (limited to 'etc')
-rw-r--r-- | etc/arch-audit.profile | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/etc/arch-audit.profile b/etc/arch-audit.profile index 7321f4e90..e28733c63 100644 --- a/etc/arch-audit.profile +++ b/etc/arch-audit.profile | |||
@@ -17,10 +17,13 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | apparmor | ||
20 | caps.drop all | 21 | caps.drop all |
21 | ipc-namespace | 22 | ipc-namespace |
23 | machine-id | ||
22 | netfilter | 24 | netfilter |
23 | no3d | 25 | no3d |
26 | nodbus | ||
24 | nodvd | 27 | nodvd |
25 | nogroups | 28 | nogroups |
26 | nonewprivs | 29 | nonewprivs |
@@ -29,14 +32,14 @@ nosound | |||
29 | notv | 32 | notv |
30 | nou2f | 33 | nou2f |
31 | novideo | 34 | novideo |
32 | protocol unix,inet,inet6 | 35 | protocol inet,inet6 |
33 | seccomp | 36 | seccomp |
34 | shell none | 37 | shell none |
35 | 38 | ||
36 | disable-mnt | 39 | disable-mnt |
37 | private | 40 | private |
38 | private-cache | ||
39 | private-bin arch-audit | 41 | private-bin arch-audit |
42 | private-cache | ||
40 | private-dev | 43 | private-dev |
41 | private-tmp | 44 | private-tmp |
42 | 45 | ||