diff options
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/chromium-common-hardened.inc | 5 | ||||
-rw-r--r-- | etc/inc/disable-programs.inc | 2 |
2 files changed, 7 insertions, 0 deletions
diff --git a/etc/inc/chromium-common-hardened.inc b/etc/inc/chromium-common-hardened.inc new file mode 100644 index 000000000..f33ce3115 --- /dev/null +++ b/etc/inc/chromium-common-hardened.inc | |||
@@ -0,0 +1,5 @@ | |||
1 | caps.drop all | ||
2 | nonewprivs | ||
3 | noroot | ||
4 | protocol unix,inet,inet6,netlink | ||
5 | seccomp !chroot | ||
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 1fba79f43..7e3c0b657 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -391,6 +391,7 @@ blacklist ${HOME}/.config/transmission | |||
391 | blacklist ${HOME}/.config/truecraft | 391 | blacklist ${HOME}/.config/truecraft |
392 | blacklist ${HOME}/.config/tvbrowser | 392 | blacklist ${HOME}/.config/tvbrowser |
393 | blacklist ${HOME}/.config/uGet | 393 | blacklist ${HOME}/.config/uGet |
394 | blacklist ${HOME}/.config/ungoogled-chromium | ||
394 | blacklist ${HOME}/.config/uzbl | 395 | blacklist ${HOME}/.config/uzbl |
395 | blacklist ${HOME}/.config/viewnior | 396 | blacklist ${HOME}/.config/viewnior |
396 | blacklist ${HOME}/.config/vivaldi | 397 | blacklist ${HOME}/.config/vivaldi |
@@ -977,6 +978,7 @@ blacklist ${HOME}/.cache/telepathy | |||
977 | blacklist ${HOME}/.cache/thunderbird | 978 | blacklist ${HOME}/.cache/thunderbird |
978 | blacklist ${HOME}/.cache/torbrowser | 979 | blacklist ${HOME}/.cache/torbrowser |
979 | blacklist ${HOME}/.cache/transmission | 980 | blacklist ${HOME}/.cache/transmission |
981 | blacklist ${HOME}/.cache/ungoogled-chromium | ||
980 | blacklist ${HOME}/.cache/vivaldi | 982 | blacklist ${HOME}/.cache/vivaldi |
981 | blacklist ${HOME}/.cache/vivaldi-snapshot | 983 | blacklist ${HOME}/.cache/vivaldi-snapshot |
982 | blacklist ${HOME}/.cache/vlc | 984 | blacklist ${HOME}/.cache/vlc |