diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2020-02-08 00:01:09 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-08 00:01:09 +0000 |
commit | f8542819ea5cfba205cc5bf5e99f59c0c12745bb (patch) | |
tree | a5b68a34d6d2dd7543ce418345f19851600f13f7 /etc | |
parent | refactor gnome-keyring.profile as whitelist (diff) | |
download | firejail-f8542819ea5cfba205cc5bf5e99f59c0c12745bb.tar.gz firejail-f8542819ea5cfba205cc5bf5e99f59c0c12745bb.tar.zst firejail-f8542819ea5cfba205cc5bf5e99f59c0c12745bb.zip |
harden gpg-agent.profile
Diffstat (limited to 'etc')
-rw-r--r-- | etc/gpg-agent.profile | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile index 2710ac88e..16bda186e 100644 --- a/etc/gpg-agent.profile +++ b/etc/gpg-agent.profile | |||
@@ -17,12 +17,18 @@ include disable-devel.inc | |||
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-xdg.inc | ||
20 | 21 | ||
22 | mkdir ${HOME}/.gnupg | ||
23 | whitelist ${HOME}/.gnupg | ||
21 | whitelist /usr/share/gnupg | 24 | whitelist /usr/share/gnupg |
22 | whitelist /usr/share/gnupg2 | 25 | whitelist /usr/share/gnupg2 |
26 | include whitelist-common.inc | ||
23 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | ||
24 | 29 | ||
25 | caps.drop all | 30 | caps.drop all |
31 | machine-id | ||
26 | netfilter | 32 | netfilter |
27 | no3d | 33 | no3d |
28 | nodvd | 34 | nodvd |