diff options
-rw-r--r-- | etc/clamscan.profile | 32 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
2 files changed, 33 insertions, 0 deletions
diff --git a/etc/clamscan.profile b/etc/clamscan.profile new file mode 100644 index 000000000..2fd10171f --- /dev/null +++ b/etc/clamscan.profile | |||
@@ -0,0 +1,32 @@ | |||
1 | # Firejail profile for clamscan | ||
2 | # This file is overwritten after every install/update | ||
3 | quiet | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/clamscan.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | |||
10 | caps.drop all | ||
11 | ipc-namespace | ||
12 | net none | ||
13 | no3d | ||
14 | nodvd | ||
15 | nogroups | ||
16 | nonewprivs | ||
17 | noroot | ||
18 | nosound | ||
19 | notv | ||
20 | novideo | ||
21 | protocol unix | ||
22 | seccomp | ||
23 | shell none | ||
24 | tracelog | ||
25 | x11 none | ||
26 | |||
27 | private-dev | ||
28 | read-only ${HOME} | ||
29 | |||
30 | memory-deny-write-execute | ||
31 | noexec ${HOME} | ||
32 | noexec /tmp | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 3f73ac635..e623a1aa2 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -41,6 +41,7 @@ catfish | |||
41 | cherrytree | 41 | cherrytree |
42 | chromium | 42 | chromium |
43 | chromium-browser | 43 | chromium-browser |
44 | clamscan | ||
44 | claws-mail | 45 | claws-mail |
45 | clementine | 46 | clementine |
46 | clipit | 47 | clipit |