diff options
author | netblue30 <netblue30@yahoo.com> | 2016-02-12 17:55:26 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-02-12 17:55:26 -0500 |
commit | 5dd4748076b6016b0faf0a99485e99a2134b5b06 (patch) | |
tree | 11ada466619363823b8bfb1588f48f71f632c473 /etc | |
parent | split out terminal blacklisting in disable-terminals.inc (diff) | |
download | firejail-5dd4748076b6016b0faf0a99485e99a2134b5b06.tar.gz firejail-5dd4748076b6016b0faf0a99485e99a2134b5b06.tar.zst firejail-5dd4748076b6016b0faf0a99485e99a2134b5b06.zip |
added lxterminal profile
Diffstat (limited to 'etc')
-rw-r--r-- | etc/lxterminal.profile | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/etc/lxterminal.profile b/etc/lxterminal.profile new file mode 100644 index 000000000..a614a8dbf --- /dev/null +++ b/etc/lxterminal.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # lxterminal (LXDE) profile | ||
2 | |||
3 | include /etc/firejail/disable-mgmt.inc | ||
4 | include /etc/firejail/disable-secret.inc | ||
5 | include /etc/firejail/disable-common.inc | ||
6 | blacklist ${HOME}/.pki/nssdb | ||
7 | blacklist ${HOME}/.lastpass | ||
8 | blacklist ${HOME}/.keepassx | ||
9 | blacklist ${HOME}/.password-store | ||
10 | caps.drop all | ||
11 | seccomp | ||
12 | protocol unix,inet,inet6 | ||
13 | netfilter | ||
14 | |||
15 | #noroot - somehow this breaks on Debian Jessie! | ||
16 | |||
17 | # lxterminal is a single-instence program | ||
18 | # blacklist any existing lxterminal socket in order to force a second process instance | ||
19 | blacklist /tmp/.lxterminal-socket* | ||