diff options
-rw-r--r-- | etc/corebird.profile | 14 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 |
2 files changed, 15 insertions, 0 deletions
diff --git a/etc/corebird.profile b/etc/corebird.profile index 87f7a970b..99a3335ef 100644 --- a/etc/corebird.profile +++ b/etc/corebird.profile | |||
@@ -5,16 +5,30 @@ include /etc/firejail/corebird.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ~/.config/corebird | ||
8 | 9 | ||
9 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
11 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
12 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
13 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | ||
16 | |||
14 | caps.drop all | 17 | caps.drop all |
15 | netfilter | 18 | netfilter |
16 | nodvd | 19 | nodvd |
20 | nogroups | ||
21 | nonewprivs | ||
17 | noroot | 22 | noroot |
18 | notv | 23 | notv |
24 | novideo | ||
19 | protocol unix,inet,inet6 | 25 | protocol unix,inet,inet6 |
20 | seccomp | 26 | seccomp |
27 | shell none | ||
28 | |||
29 | private-bin corebird | ||
30 | private-dev | ||
31 | private-tmp | ||
32 | |||
33 | noexec ${HOME} | ||
34 | noexec /tmp | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 88b7e7d32..615e28172 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -82,6 +82,7 @@ blacklist ${HOME}/.config/chromium-dev | |||
82 | blacklist ${HOME}/.config/chromium-flags.conf | 82 | blacklist ${HOME}/.config/chromium-flags.conf |
83 | blacklist ${HOME}/.config/clipit | 83 | blacklist ${HOME}/.config/clipit |
84 | blacklist ${HOME}/.config/cmus | 84 | blacklist ${HOME}/.config/cmus |
85 | blacklist ${HOME}/.config/corebird | ||
85 | blacklist ${HOME}/.config/darktable | 86 | blacklist ${HOME}/.config/darktable |
86 | blacklist ${HOME}/.config/deadbeef | 87 | blacklist ${HOME}/.config/deadbeef |
87 | blacklist ${HOME}/.config/deluge | 88 | blacklist ${HOME}/.config/deluge |