diff options
Diffstat (limited to 'etc/firefox.profile')
-rw-r--r-- | etc/firefox.profile | 28 |
1 files changed, 17 insertions, 11 deletions
diff --git a/etc/firefox.profile b/etc/firefox.profile index 1ea94a2c7..6bb581f4f 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -2,22 +2,24 @@ | |||
2 | 2 | ||
3 | noblacklist ~/.mozilla | 3 | noblacklist ~/.mozilla |
4 | noblacklist ~/.cache/mozilla | 4 | noblacklist ~/.cache/mozilla |
5 | noblacklist ~/.config/qpdfview | ||
6 | noblacklist ~/.local/share/qpdfview | ||
7 | noblacklist ~/.kde/share/apps/okular | ||
5 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
7 | include /etc/firejail/disable-devel.inc | 10 | include /etc/firejail/disable-devel.inc |
8 | 11 | ||
9 | caps.drop all | 12 | caps.drop all |
10 | seccomp | ||
11 | protocol unix,inet,inet6,netlink | ||
12 | netfilter | 13 | netfilter |
13 | tracelog | 14 | nonewprivs |
14 | noroot | 15 | noroot |
16 | protocol unix,inet,inet6,netlink | ||
17 | seccomp | ||
18 | tracelog | ||
15 | 19 | ||
16 | whitelist ${DOWNLOADS} | 20 | whitelist ${DOWNLOADS} |
17 | mkdir ~/.mozilla | 21 | mkdir ~/.mozilla |
18 | whitelist ~/.mozilla | 22 | whitelist ~/.mozilla |
19 | mkdir ~/.cache | ||
20 | mkdir ~/.cache/mozilla | ||
21 | mkdir ~/.cache/mozilla/firefox | 23 | mkdir ~/.cache/mozilla/firefox |
22 | whitelist ~/.cache/mozilla/firefox | 24 | whitelist ~/.cache/mozilla/firefox |
23 | whitelist ~/dwhelper | 25 | whitelist ~/dwhelper |
@@ -30,6 +32,9 @@ whitelist ~/.keysnail.js | |||
30 | whitelist ~/.config/gnome-mplayer | 32 | whitelist ~/.config/gnome-mplayer |
31 | whitelist ~/.cache/gnome-mplayer/plugin | 33 | whitelist ~/.cache/gnome-mplayer/plugin |
32 | whitelist ~/.pki | 34 | whitelist ~/.pki |
35 | whitelist ~/.config/qpdfview | ||
36 | whitelist ~/.local/share/qpdfview | ||
37 | whitelist ~/.kde/share/apps/okular | ||
33 | 38 | ||
34 | # lastpass, keepassx | 39 | # lastpass, keepassx |
35 | whitelist ~/.keepassx | 40 | whitelist ~/.keepassx |
@@ -40,14 +45,15 @@ whitelist ~/.config/lastpass | |||
40 | 45 | ||
41 | 46 | ||
42 | #silverlight | 47 | #silverlight |
43 | whitelist ~/.wine-pipelight | 48 | whitelist ~/.wine-pipelight |
44 | whitelist ~/.wine-pipelight64 | 49 | whitelist ~/.wine-pipelight64 |
45 | whitelist ~/.config/pipelight-widevine | 50 | whitelist ~/.config/pipelight-widevine |
46 | whitelist ~/.config/pipelight-silverlight5.1 | 51 | whitelist ~/.config/pipelight-silverlight5.1 |
47 | 52 | ||
48 | include /etc/firejail/whitelist-common.inc | 53 | include /etc/firejail/whitelist-common.inc |
49 | 54 | ||
50 | # experimental features | 55 | # experimental features |
51 | #private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse | 56 | #private-bin firefox,which,sh,dbus-launch,dbus-send,env |
52 | 57 | #private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,firefox,mime.types,mailcap,asound.conf,pulse | |
53 | 58 | private-dev | |
59 | private-tmp | ||