2 files changed, 15 insertions, 0 deletions

diff --git a/etc/corebird.profile b/etc/corebird.profile
index 87f7a970b..99a3335ef 100644
--- a/etc/corebird.profile
+++ b/etc/corebird.profile
@@ -5,16 +5,30 @@ include /etc/firejail/corebird.local
 # Persistent global definitions
 include /etc/firejail/globals.local
 
+noblacklist ~/.config/corebird
 
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
+include /etc/firejail/whitelist-var-common.inc
+
 caps.drop all
 netfilter
 nodvd
+nogroups
+nonewprivs
 noroot
 notv
+novideo
 protocol unix,inet,inet6
 seccomp
+shell none
+
+private-bin corebird
+private-dev
+private-tmp
+
+noexec ${HOME}
+noexec /tmp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 88b7e7d32..615e28172 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -82,6 +82,7 @@ blacklist ${HOME}/.config/chromium-dev
 blacklist ${HOME}/.config/chromium-flags.conf
 blacklist ${HOME}/.config/clipit
 blacklist ${HOME}/.config/cmus
+blacklist ${HOME}/.config/corebird
 blacklist ${HOME}/.config/darktable
 blacklist ${HOME}/.config/deadbeef
 blacklist ${HOME}/.config/deluge