diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-05 09:44:50 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-05 09:44:50 -0400 |
commit | d43eb028d90d3417a70e9a5eb5e44ea3e3faa5a0 (patch) | |
tree | bf7eef48de8ec8467244cfc4b87f06c54ece1e32 /etc | |
parent | Merge pull request #893 from bog-dan-ro/master (diff) | |
download | firejail-d43eb028d90d3417a70e9a5eb5e44ea3e3faa5a0.tar.gz firejail-d43eb028d90d3417a70e9a5eb5e44ea3e3faa5a0.tar.zst firejail-d43eb028d90d3417a70e9a5eb5e44ea3e3faa5a0.zip |
profile fixes
Diffstat (limited to 'etc')
-rw-r--r-- | etc/evince.profile | 2 | ||||
-rw-r--r-- | etc/firefox.profile | 3 | ||||
-rw-r--r-- | etc/mupdf.profile | 2 |
3 files changed, 3 insertions, 4 deletions
diff --git a/etc/evince.profile b/etc/evince.profile index 9a9113c70..cbb2083f4 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -6,7 +6,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
6 | 6 | ||
7 | caps.drop all | 7 | caps.drop all |
8 | netfilter | 8 | netfilter |
9 | net none | 9 | #net none - creates some problems on some distributions |
10 | nogroups | 10 | nogroups |
11 | nonewprivs | 11 | nonewprivs |
12 | noroot | 12 | noroot |
diff --git a/etc/firefox.profile b/etc/firefox.profile index 7875ca6b9..3fb56fd0e 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -47,8 +47,7 @@ whitelist ~/.config/pipelight-silverlight5.1 | |||
47 | include /etc/firejail/whitelist-common.inc | 47 | include /etc/firejail/whitelist-common.inc |
48 | 48 | ||
49 | # experimental features | 49 | # experimental features |
50 | 50 | #private-bin firefox,which,sh,dbus-launch,dbus-send,env | |
51 | private-bin firefox,which,sh,dbus-launch,dbus-send,env | ||
52 | private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,firefox,mime.types,mailcap,asound.conf,pulse | 51 | private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,firefox,mime.types,mailcap,asound.conf,pulse |
53 | private-dev | 52 | private-dev |
54 | private-tmp | 53 | private-tmp |
diff --git a/etc/mupdf.profile b/etc/mupdf.profile index 65e6a8978..e022866e8 100644 --- a/etc/mupdf.profile +++ b/etc/mupdf.profile | |||
@@ -16,7 +16,7 @@ net none | |||
16 | shell none | 16 | shell none |
17 | tracelog | 17 | tracelog |
18 | 18 | ||
19 | seccomp.keep access,arch_prctl,brk,clone,close,connect,execve,exit_group,fchmod,fchown,fcntl,fstat,futex,getcwd,getpeername,getrlimit,getsockname,getsockopt,lseek,lstat,mlock,mmap,mprotect,munmap,nanosleep,open,poll,prctl,read,recvfrom,recvmsg,restart_syscall,rt_sigaction,rt_sigprocmask,select,sendmsg,set_robust_list,set_tid_address,setresgid,setresuid,shmat,shmctl,shmget,shutdown,socket,stat,sysinfo,uname,unshare,wait4,write,writev | 19 | #seccomp.keep access,arch_prctl,brk,clone,close,connect,execve,exit_group,fchmod,fchown,fcntl,fstat,futex,getcwd,getpeername,getrlimit,getsockname,getsockopt,lseek,lstat,mlock,mmap,mprotect,munmap,nanosleep,open,poll,prctl,read,recvfrom,recvmsg,restart_syscall,rt_sigaction,rt_sigprocmask,select,sendmsg,set_robust_list,set_tid_address,setresgid,setresuid,shmat,shmctl,shmget,shutdown,socket,stat,sysinfo,uname,unshare,wait4,write,writev |
20 | 20 | ||
21 | private-bin mupdf | 21 | private-bin mupdf |
22 | private-tmp | 22 | private-tmp |