diff options
-rw-r--r-- | etc/waterfox.profile | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/waterfox.profile b/etc/waterfox.profile index 2322c1fae..67995f345 100644 --- a/etc/waterfox.profile +++ b/etc/waterfox.profile | |||
@@ -65,6 +65,7 @@ whitelist ~/.wine-pipelight64 | |||
65 | whitelist ~/.zotero | 65 | whitelist ~/.zotero |
66 | whitelist ~/dwhelper | 66 | whitelist ~/dwhelper |
67 | include /etc/firejail/whitelist-common.inc | 67 | include /etc/firejail/whitelist-common.inc |
68 | include /etc/firejail/whitelist-var-common.inc | ||
68 | 69 | ||
69 | caps.drop all | 70 | caps.drop all |
70 | netfilter | 71 | netfilter |
@@ -78,7 +79,8 @@ seccomp | |||
78 | shell none | 79 | shell none |
79 | tracelog | 80 | tracelog |
80 | 81 | ||
81 | # private-bin waterfox,which,sh,dbus-launch,dbus-send,env | 82 | # waterfox requires a shell to launch on Arch. We can possibly remove sh though. |
83 | # private-bin waterfox,which,sh,dbus-launch,dbus-send,env,dash,bash | ||
82 | private-dev | 84 | private-dev |
83 | # private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,waterfox,mime.types,mailcap,asound.conf,pulse | 85 | # private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,waterfox,mime.types,mailcap,asound.conf,pulse |
84 | private-tmp | 86 | private-tmp |