diff options
Diffstat (limited to 'etc/firejail.config')
| -rw-r--r-- | etc/firejail.config | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index 592d77aff..f5b3d5efa 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
| @@ -41,12 +41,6 @@ | |||
| 41 | # Enable Firejail green prompt in terminal, default disabled | 41 | # Enable Firejail green prompt in terminal, default disabled |
| 42 | # firejail-prompt no | 42 | # firejail-prompt no |
| 43 | 43 | ||
| 44 | # Follow symlink as user. While using --whitelist feature, | ||
| 45 | # symlinks pointing outside home directory are followed only | ||
| 46 | # if both the link and the real file are owned by the user. | ||
| 47 | # Enabled by default | ||
| 48 | # follow-symlink-as-user yes | ||
| 49 | |||
| 50 | # Force use of nonewprivs. This mitigates the possibility of | 44 | # Force use of nonewprivs. This mitigates the possibility of |
| 51 | # a user abusing firejail's features to trick a privileged (suid | 45 | # a user abusing firejail's features to trick a privileged (suid |
| 52 | # or file capabilities) process into loading code or configuration | 46 | # or file capabilities) process into loading code or configuration |
| @@ -128,6 +122,10 @@ | |||
| 128 | # Enable or disable whitelisting support, default enabled. | 122 | # Enable or disable whitelisting support, default enabled. |
| 129 | # whitelist yes | 123 | # whitelist yes |
| 130 | 124 | ||
| 125 | # Disable whitelist top level directories, in addition to those | ||
| 126 | # that are disabled out of the box. None by default; this is an example. | ||
| 127 | # whitelist-disable-topdir /etc,/usr/etc | ||
| 128 | |||
| 131 | # Enable or disable X11 sandboxing support, default enabled. | 129 | # Enable or disable X11 sandboxing support, default enabled. |
| 132 | # x11 yes | 130 | # x11 yes |
| 133 | 131 | ||