diff options
Diffstat (limited to 'etc/firefox.profile')
-rw-r--r-- | etc/firefox.profile | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/etc/firefox.profile b/etc/firefox.profile index 0b082f216..b06dfa6da 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -1,16 +1,21 @@ | |||
1 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) | 1 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) |
2 | noblacklist ${HOME}/.mozilla | 2 | |
3 | noblacklist ~/.mozilla | ||
4 | noblacklist ~/.cache/mozilla | ||
5 | noblacklist ~/keepassx.kdbx | ||
3 | include /etc/firejail/disable-mgmt.inc | 6 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 7 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
11 | |||
8 | caps.drop all | 12 | caps.drop all |
9 | seccomp | 13 | seccomp |
10 | protocol unix,inet,inet6,netlink | 14 | protocol unix,inet,inet6,netlink |
11 | netfilter | 15 | netfilter |
12 | tracelog | 16 | tracelog |
13 | noroot | 17 | noroot |
18 | |||
14 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
15 | mkdir ~/.mozilla | 20 | mkdir ~/.mozilla |
16 | whitelist ~/.mozilla | 21 | whitelist ~/.mozilla |
@@ -20,7 +25,6 @@ mkdir ~/.cache/mozilla/firefox | |||
20 | whitelist ~/.cache/mozilla/firefox | 25 | whitelist ~/.cache/mozilla/firefox |
21 | whitelist ~/dwhelper | 26 | whitelist ~/dwhelper |
22 | whitelist ~/.zotero | 27 | whitelist ~/.zotero |
23 | whitelist ~/.lastpass | ||
24 | whitelist ~/.vimperatorrc | 28 | whitelist ~/.vimperatorrc |
25 | whitelist ~/.vimperator | 29 | whitelist ~/.vimperator |
26 | whitelist ~/.pentadactylrc | 30 | whitelist ~/.pentadactylrc |
@@ -29,6 +33,21 @@ whitelist ~/.keysnail.js | |||
29 | whitelist ~/.config/gnome-mplayer | 33 | whitelist ~/.config/gnome-mplayer |
30 | whitelist ~/.cache/gnome-mplayer/plugin | 34 | whitelist ~/.cache/gnome-mplayer/plugin |
31 | whitelist ~/.pki | 35 | whitelist ~/.pki |
36 | |||
37 | # lastpass, keepassx | ||
38 | whitelist ~/.keepassx | ||
39 | whitelist ~/.config/keepassx | ||
40 | whitelist ~/keepassx.kdbx | ||
41 | whitelist ~/.lastpass | ||
42 | whitelist ~/.config/lastpass | ||
43 | |||
44 | |||
45 | #silverlight | ||
46 | whitelist ~/.wine-pipelight | ||
47 | whitelist ~/.wine-pipelight64 | ||
48 | whitelist ~/.config/pipelight-widevine | ||
49 | whitelist ~/.config/pipelight-silverlight5.1 | ||
50 | |||
32 | include /etc/firejail/whitelist-common.inc | 51 | include /etc/firejail/whitelist-common.inc |
33 | 52 | ||
34 | # experimental features | 53 | # experimental features |