aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar glitsj16 <glitsj16@users.noreply.github.com>2019-02-24 21:11:55 +0000
committerLibravatar GitHub <noreply@github.com>2019-02-24 21:11:55 +0000
commit17b7a99c6854bc9fdb5edbcfbb4ad2c4d493eebb (patch)
treec06bac9878d474fb5c4de6f8aaf74f7e33cd4a69 /etc
parentHarden dig.profile (#2454) (diff)
downloadfirejail-17b7a99c6854bc9fdb5edbcfbb4ad2c4d493eebb.tar.gz
firejail-17b7a99c6854bc9fdb5edbcfbb4ad2c4d493eebb.tar.zst
firejail-17b7a99c6854bc9fdb5edbcfbb4ad2c4d493eebb.zip
Harden enchant.profile (#2455)
Diffstat (limited to 'etc')
-rw-r--r--etc/enchant.profile10
1 files changed, 7 insertions, 3 deletions
diff --git a/etc/enchant.profile b/etc/enchant.profile
index 1d3d33d68..f2d9d2ee9 100644
--- a/etc/enchant.profile
+++ b/etc/enchant.profile
@@ -15,8 +15,11 @@ include disable-passwdmgr.inc
15include disable-programs.inc 15include disable-programs.inc
16include disable-xdg.inc 16include disable-xdg.inc
17 17
18apparmor
18caps.drop all 19caps.drop all
19netfilter 20ipc-namespace
21machine-id
22net none
20no3d 23no3d
21nodbus 24nodbus
22nodvd 25nodvd
@@ -32,12 +35,13 @@ seccomp
32shell none 35shell none
33tracelog 36tracelog
34 37
35# private-bin enchant, enchant-* 38private-bin enchant, enchant-*
36private-cache 39private-cache
37private-dev 40private-dev
38private-etc alternatives 41private-etc alternatives
42private-lib
39private-tmp 43private-tmp
40 44
41# memory-deny-write-execute 45memory-deny-write-execute
42noexec ${HOME} 46noexec ${HOME}
43noexec /tmp 47noexec /tmp
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-21 05:56:30 +0000