diff options
-rw-r--r-- | etc/Wire.profile | 22 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/display.profile | 23 |
3 files changed, 46 insertions, 0 deletions
diff --git a/etc/Wire.profile b/etc/Wire.profile new file mode 100644 index 000000000..b488d75e4 --- /dev/null +++ b/etc/Wire.profile | |||
@@ -0,0 +1,22 @@ | |||
1 | # wire messenger profile | ||
2 | |||
3 | noblacklist ~/.config/Wire | ||
4 | |||
5 | include /etc/firejail/disable-common.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-devel.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | |||
10 | caps.drop all | ||
11 | netfilter | ||
12 | nonewprivs | ||
13 | nogroups | ||
14 | noroot | ||
15 | protocol unix,inet,inet6,netlink | ||
16 | seccomp | ||
17 | shell none | ||
18 | |||
19 | private-tmp | ||
20 | private-dev | ||
21 | |||
22 | # please note: the wire binary is currently identified with a capital W. This might change in future versions | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 6e22fe04d..0d9bd1bb4 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -106,6 +106,7 @@ blacklist ${HOME}/.config/Slack | |||
106 | blacklist ${HOME}/.cache/gajim | 106 | blacklist ${HOME}/.cache/gajim |
107 | blacklist ${HOME}/.local/share/gajim | 107 | blacklist ${HOME}/.local/share/gajim |
108 | blacklist ${HOME}/.config/gajim | 108 | blacklist ${HOME}/.config/gajim |
109 | blacklist ${HOME}/.config/Wire | ||
109 | 110 | ||
110 | # Games | 111 | # Games |
111 | blacklist ${HOME}/.hedgewars | 112 | blacklist ${HOME}/.hedgewars |
diff --git a/etc/display.profile b/etc/display.profile new file mode 100644 index 000000000..ec041bff7 --- /dev/null +++ b/etc/display.profile | |||
@@ -0,0 +1,23 @@ | |||
1 | # display (ImageMagick tool) image viewer profile | ||
2 | include /etc/firejail/disable-common.inc | ||
3 | include /etc/firejail/disable-programs.inc | ||
4 | include /etc/firejail/disable-devel.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | |||
7 | caps.drop all | ||
8 | seccomp | ||
9 | protocol unix | ||
10 | netfilter | ||
11 | net none | ||
12 | nonewprivs | ||
13 | noroot | ||
14 | nogroups | ||
15 | nosound | ||
16 | shell none | ||
17 | x11 xorg | ||
18 | |||
19 | private-bin display | ||
20 | private-tmp | ||
21 | private-dev | ||
22 | private-etc none | ||
23 | |||