diff options
Diffstat (limited to 'etc/profile-a-l/chromium-common.profile')
| -rw-r--r-- | etc/profile-a-l/chromium-common.profile | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile index 899400d25..6a9cf99b0 100644 --- a/etc/profile-a-l/chromium-common.profile +++ b/etc/profile-a-l/chromium-common.profile | |||
| @@ -16,16 +16,25 @@ include disable-common.inc | |||
| 16 | include disable-devel.inc | 16 | include disable-devel.inc |
| 17 | include disable-exec.inc | 17 | include disable-exec.inc |
| 18 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
| 19 | # include disable-passwdmgr.inc | ||
| 19 | include disable-programs.inc | 20 | include disable-programs.inc |
| 21 | include disable-xdg.inc | ||
| 20 | 22 | ||
| 21 | mkdir ${HOME}/.pki | 23 | mkdir ${HOME}/.pki |
| 22 | mkdir ${HOME}/.local/share/pki | 24 | mkdir ${HOME}/.local/share/pki |
| 23 | whitelist ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
| 24 | whitelist ${HOME}/.pki | 26 | whitelist ${HOME}/.pki |
| 25 | whitelist ${HOME}/.local/share/pki | 27 | whitelist ${HOME}/.local/share/pki |
| 28 | whitelist /usr/share/chromium | ||
| 26 | include whitelist-common.inc | 29 | include whitelist-common.inc |
| 30 | include whitelist-runuser-common.inc | ||
| 31 | include whitelist-usr-share-common.inc | ||
| 27 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
| 28 | 33 | ||
| 34 | # Uncomment the next line (or add it to your chromium-common.local) | ||
| 35 | # if your kernel allows unprivileged userns clone. | ||
| 36 | #include chromium-common-hardened.inc | ||
| 37 | |||
| 29 | apparmor | 38 | apparmor |
| 30 | caps.keep sys_admin,sys_chroot | 39 | caps.keep sys_admin,sys_chroot |
| 31 | netfilter | 40 | netfilter |
| @@ -36,8 +45,10 @@ notv | |||
| 36 | shell none | 45 | shell none |
| 37 | 46 | ||
| 38 | disable-mnt | 47 | disable-mnt |
| 48 | private-cache | ||
| 39 | ?BROWSER_DISABLE_U2F: private-dev | 49 | ?BROWSER_DISABLE_U2F: private-dev |
| 40 | # private-tmp - problems with multiple browser sessions | 50 | # problems with multiple browser sessions |
| 51 | #private-tmp | ||
| 41 | 52 | ||
| 42 | # prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector | 53 | # prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector |
| 43 | # dbus-user none | 54 | # dbus-user none |