diff options
| author |  glitsj16 <glitsj16@users.noreply.github.com> | 2020-02-08 00:01:09 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2020-02-08 00:01:09 +0000 |
| commit | f8542819ea5cfba205cc5bf5e99f59c0c12745bb (patch) | |
| tree | a5b68a34d6d2dd7543ce418345f19851600f13f7 /etc | |
| parent | refactor gnome-keyring.profile as whitelist (diff) | |
| download | firejail-f8542819ea5cfba205cc5bf5e99f59c0c12745bb.tar.gz firejail-f8542819ea5cfba205cc5bf5e99f59c0c12745bb.tar.zst firejail-f8542819ea5cfba205cc5bf5e99f59c0c12745bb.zip | |
harden gpg-agent.profile
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/gpg-agent.profile | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile index 2710ac88e..16bda186e 100644 --- a/etc/gpg-agent.profile +++ b/etc/gpg-agent.profile | |||
| @@ -17,12 +17,18 @@ include disable-devel.inc | |||
| 17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
| 18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
| 19 | include disable-programs.inc | 19 | include disable-programs.inc |
| 20 | include disable-xdg.inc | ||
| 20 | 21 | ||
| 22 | mkdir ${HOME}/.gnupg | ||
| 23 | whitelist ${HOME}/.gnupg | ||
| 21 | whitelist /usr/share/gnupg | 24 | whitelist /usr/share/gnupg |
| 22 | whitelist /usr/share/gnupg2 | 25 | whitelist /usr/share/gnupg2 |
| 26 | include whitelist-common.inc | ||
| 23 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
| 28 | include whitelist-var-common.inc | ||
| 24 | 29 | ||
| 25 | caps.drop all | 30 | caps.drop all |
| 31 | machine-id | ||
| 26 | netfilter | 32 | netfilter |
| 27 | no3d | 33 | no3d |
| 28 | nodvd | 34 | nodvd |