diff options
Diffstat (limited to 'etc/baloo_file.profile')
-rw-r--r-- | etc/baloo_file.profile | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/baloo_file.profile b/etc/baloo_file.profile index 9c2909b0f..2809089e6 100644 --- a/etc/baloo_file.profile +++ b/etc/baloo_file.profile | |||
@@ -18,10 +18,12 @@ include /etc/firejail/disable-passwdmgr.inc | |||
18 | include /etc/firejail/disable-programs.inc | 18 | include /etc/firejail/disable-programs.inc |
19 | 19 | ||
20 | caps.drop all | 20 | caps.drop all |
21 | nodvd | ||
21 | nogroups | 22 | nogroups |
22 | nonewprivs | 23 | nonewprivs |
23 | noroot | 24 | noroot |
24 | nosound | 25 | nosound |
26 | notv | ||
25 | novideo | 27 | novideo |
26 | protocol unix | 28 | protocol unix |
27 | # Baloo makes ioprio_set system calls, which are blacklisted by default. | 29 | # Baloo makes ioprio_set system calls, which are blacklisted by default. |
@@ -36,6 +38,6 @@ noexec /tmp | |||
36 | 38 | ||
37 | # Make home directory read-only and allow writing only to ~/.local/share | 39 | # Make home directory read-only and allow writing only to ~/.local/share |
38 | # Note: Baloo will not be able to update the "first run" key in its configuration files. | 40 | # Note: Baloo will not be able to update the "first run" key in its configuration files. |
39 | # noexec ${HOME}/.local/share | ||
40 | # read-only ${HOME} | 41 | # read-only ${HOME} |
41 | # read-write ${HOME}/.local/share | 42 | # read-write ${HOME}/.local/share |
43 | # noexec ${HOME}/.local/share | ||