diff options
-rw-r--r-- | etc/profile-m-z/ssh.profile | 1 | ||||
-rw-r--r-- | etc/profile-m-z/torbrowser-launcher.profile | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index 641c3a79d..7bc731333 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -24,6 +24,7 @@ whitelist ${RUNUSER}/keyring/ssh | |||
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | 26 | ||
27 | apparmor | ||
27 | caps.drop all | 28 | caps.drop all |
28 | ipc-namespace | 29 | ipc-namespace |
29 | netfilter | 30 | netfilter |
diff --git a/etc/profile-m-z/torbrowser-launcher.profile b/etc/profile-m-z/torbrowser-launcher.profile index 1045fa02a..8b1ed1645 100644 --- a/etc/profile-m-z/torbrowser-launcher.profile +++ b/etc/profile-m-z/torbrowser-launcher.profile | |||
@@ -15,6 +15,9 @@ noblacklist ${HOME}/.local/share/torbrowser | |||
15 | include allow-python2.inc | 15 | include allow-python2.inc |
16 | include allow-python3.inc | 16 | include allow-python3.inc |
17 | 17 | ||
18 | blacklist /opt | ||
19 | blacklist /srv | ||
20 | |||
18 | include disable-common.inc | 21 | include disable-common.inc |
19 | include disable-devel.inc | 22 | include disable-devel.inc |
20 | include disable-exec.inc | 23 | include disable-exec.inc |
@@ -30,6 +33,8 @@ whitelist ${HOME}/.config/torbrowser | |||
30 | whitelist ${HOME}/.local/share/torbrowser | 33 | whitelist ${HOME}/.local/share/torbrowser |
31 | include whitelist-common.inc | 34 | include whitelist-common.inc |
32 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
36 | include whitelist-runuser-common.inc | ||
37 | include whitelist-usr-share-common.inc | ||
33 | 38 | ||
34 | # Uncomment the line below or put 'apparmor' in your torbrowser-launcher.local. | 39 | # Uncomment the line below or put 'apparmor' in your torbrowser-launcher.local. |
35 | # IMPORTANT: the relevant rule in /etc/apparmor.d/local/firejail-default will need | 40 | # IMPORTANT: the relevant rule in /etc/apparmor.d/local/firejail-default will need |