diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2019-12-19 19:36:08 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-12-19 19:36:08 +0000 |
commit | 81997259ef3d28193e806d1e413c562927fd7631 (patch) | |
tree | 219dd2e361c8e2a48466b33fa1d3fd74de1a0759 /etc | |
parent | Fix private-etc ordering in seahorse-tool (diff) | |
download | firejail-81997259ef3d28193e806d1e413c562927fd7631.tar.gz firejail-81997259ef3d28193e806d1e413c562927fd7631.tar.zst firejail-81997259ef3d28193e806d1e413c562927fd7631.zip |
Fix Brave's native sandbox (#3087)
* Allow user access to /proc/config.gz
* Fix Brave's native sandbox
* Move /proc/config.gz to disable-common.inc
* Move /proc/config.gz to disable-common.inc
Diffstat (limited to 'etc')
-rw-r--r-- | etc/brave.profile | 3 | ||||
-rw-r--r-- | etc/disable-common.inc | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/etc/brave.profile b/etc/brave.profile index 29130ea5f..35c59f5a3 100644 --- a/etc/brave.profile +++ b/etc/brave.profile | |||
@@ -25,5 +25,8 @@ whitelist ${HOME}/.config/brave | |||
25 | whitelist ${HOME}/.config/brave-flags.conf | 25 | whitelist ${HOME}/.config/brave-flags.conf |
26 | whitelist ${HOME}/.gnupg | 26 | whitelist ${HOME}/.gnupg |
27 | 27 | ||
28 | # Brave sandbox needs read access to /proc/config.gz | ||
29 | noblacklist /proc/config.gz | ||
30 | |||
28 | # Redirect | 31 | # Redirect |
29 | include chromium-common.profile | 32 | include chromium-common.profile |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 137e4f8bd..16f231108 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -452,3 +452,6 @@ blacklist ${HOME}/Mail | |||
452 | blacklist ${HOME}/mail | 452 | blacklist ${HOME}/mail |
453 | blacklist ${HOME}/postponed | 453 | blacklist ${HOME}/postponed |
454 | blacklist ${HOME}/sent | 454 | blacklist ${HOME}/sent |
455 | |||
456 | # kernel configuration | ||
457 | blacklist /proc/config.gz | ||