diff options
Diffstat (limited to 'etc/flashpeak-slimjet.profile')
-rw-r--r-- | etc/flashpeak-slimjet.profile | 26 |
1 files changed, 2 insertions, 24 deletions
diff --git a/etc/flashpeak-slimjet.profile b/etc/flashpeak-slimjet.profile index d9be8b9c5..63f9d19a9 100644 --- a/etc/flashpeak-slimjet.profile +++ b/etc/flashpeak-slimjet.profile | |||
@@ -5,35 +5,13 @@ include /etc/firejail/flashpeak-slimjet.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | # This is a whitelisted profile, the internal browser sandbox | ||
9 | # is disabled because it requires sudo password. The command | ||
10 | # to run it is as follows: | ||
11 | # firejail flashpeak-slimjet --no-sandbox | ||
12 | |||
13 | noblacklist ${HOME}/.cache/slimjet | 8 | noblacklist ${HOME}/.cache/slimjet |
14 | noblacklist ${HOME}/.config/slimjet | 9 | noblacklist ${HOME}/.config/slimjet |
15 | noblacklist ${HOME}/.pki | ||
16 | |||
17 | include /etc/firejail/disable-common.inc | ||
18 | include /etc/firejail/disable-devel.inc | ||
19 | include /etc/firejail/disable-programs.inc | ||
20 | 10 | ||
21 | mkdir ${HOME}/.cache/slimjet | 11 | mkdir ${HOME}/.cache/slimjet |
22 | mkdir ${HOME}/.config/slimjet | 12 | mkdir ${HOME}/.config/slimjet |
23 | mkdir ${HOME}/.pki | ||
24 | whitelist ${DOWNLOADS} | ||
25 | whitelist ${HOME}/.cache/slimjet | 13 | whitelist ${HOME}/.cache/slimjet |
26 | whitelist ${HOME}/.config/slimjet | 14 | whitelist ${HOME}/.config/slimjet |
27 | whitelist ${HOME}/.pki | ||
28 | include /etc/firejail/whitelist-common.inc | ||
29 | |||
30 | caps.drop all | ||
31 | netfilter | ||
32 | nodvd | ||
33 | nonewprivs | ||
34 | noroot | ||
35 | notv | ||
36 | protocol unix,inet,inet6,netlink | ||
37 | seccomp | ||
38 | 15 | ||
39 | disable-mnt | 16 | # Redirect |
17 | include /etc/firejail/chromium-common.profile | ||