diff options
author | Aidan Gauland <aidalgol@fastmail.net> | 2017-07-27 20:12:45 +1200 |
---|---|---|
committer | Aidan Gauland <aidalgol@fastmail.net> | 2017-07-27 20:18:53 +1200 |
commit | fa77822573050998fe3cb8050d37ec0412e39239 (patch) | |
tree | 025a44370a31da31487b799c95f9169a4dbcb0c2 /etc | |
parent | Improve cross build support by using configured compiler instead of make default (diff) | |
download | firejail-fa77822573050998fe3cb8050d37ec0412e39239.tar.gz firejail-fa77822573050998fe3cb8050d37ec0412e39239.tar.zst firejail-fa77822573050998fe3cb8050d37ec0412e39239.zip |
Add Electron and Riot profiles
* Add a generic profile for Electron applications.
* Add a specific profile for Riot based on this new Electron profile.
* Addresses vector-im/riot-web#3004
* Fulfils profile request for Riot.im in netblue30/firejail#1139
Diffstat (limited to 'etc')
-rw-r--r-- | etc/electron.profile | 12 | ||||
-rw-r--r-- | etc/riot-web.profile | 5 |
2 files changed, 17 insertions, 0 deletions
diff --git a/etc/electron.profile b/etc/electron.profile new file mode 100644 index 000000000..efaecf029 --- /dev/null +++ b/etc/electron.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Generic Firejail profile for Electron applications. | ||
2 | include /etc/firejail/disable-common.inc | ||
3 | include /etc/firejail/disable-programs.inc | ||
4 | include /etc/firejail/disable-passwdmgr.inc | ||
5 | |||
6 | caps.drop all | ||
7 | netfilter | ||
8 | nogroups | ||
9 | nonewprivs | ||
10 | noroot | ||
11 | protocol unix,inet,inet6,netlink | ||
12 | seccomp | ||
diff --git a/etc/riot-web.profile b/etc/riot-web.profile new file mode 100644 index 000000000..4814dadf7 --- /dev/null +++ b/etc/riot-web.profile | |||
@@ -0,0 +1,5 @@ | |||
1 | # Firejail profile for Riot. | ||
2 | noblacklist ~/.config/Riot | ||
3 | whitelist ~/.config/Riot | ||
4 | |||
5 | include /etc/firejail/electron.profile | ||