diff options
author | netblue30 <netblue30@yahoo.com> | 2017-04-03 09:33:46 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-04-03 09:33:46 -0400 |
commit | ccc2ed781742057205e5df6aea296a12c2043ef2 (patch) | |
tree | 4798cd27253910530dbc278e104a7c25b6ef0ba4 /etc | |
parent | updated for Go, Rust, and OpenSSL blacklist: #1186 (diff) | |
download | firejail-ccc2ed781742057205e5df6aea296a12c2043ef2.tar.gz firejail-ccc2ed781742057205e5df6aea296a12c2043ef2.tar.zst firejail-ccc2ed781742057205e5df6aea296a12c2043ef2.zip |
seccomp and brave profile merges
Diffstat (limited to 'etc')
-rw-r--r-- | etc/brave.profile | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/etc/brave.profile b/etc/brave.profile index d7678d5d5..a65a3adc8 100644 --- a/etc/brave.profile +++ b/etc/brave.profile | |||
@@ -4,18 +4,32 @@ include /etc/firejail/brave.local | |||
4 | 4 | ||
5 | # Profile for Brave browser | 5 | # Profile for Brave browser |
6 | noblacklist ~/.config/brave | 6 | noblacklist ~/.config/brave |
7 | noblacklist ~/.pki | ||
7 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
9 | include /etc/firejail/disable-devel.inc | 10 | include /etc/firejail/disable-devel.inc |
10 | 11 | ||
11 | caps.drop all | 12 | #caps.drop all |
12 | netfilter | 13 | netfilter |
13 | nonewprivs | 14 | #nonewprivs |
14 | noroot | 15 | #noroot |
15 | protocol unix,inet,inet6,netlink | 16 | #protocol unix,inet,inet6,netlink |
16 | seccomp | 17 | #seccomp |
17 | 18 | ||
18 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
19 | 20 | ||
20 | mkdir ~/.config/brave | 21 | mkdir ~/.config/brave |
21 | whitelist ~/.config/brave | 22 | whitelist ~/.config/brave |
23 | mkdir ~/.pki | ||
24 | whitelist ~/.pki | ||
25 | |||
26 | # lastpass, keepass | ||
27 | # for keepass we additionally need to whitelist our .kdbx password database | ||
28 | whitelist ~/.keepass | ||
29 | whitelist ~/.config/keepass | ||
30 | whitelist ~/.config/KeePass | ||
31 | whitelist ~/.lastpass | ||
32 | whitelist ~/.config/lastpass | ||
33 | |||
34 | include /etc/firejail/whitelist-common.inc | ||
35 | |||