summaryrefslogtreecommitdiffstats
path: root/etc/tor-browser-en.profile
diff options
context:
space:
mode:
Diffstat (limited to 'etc/tor-browser-en.profile')
-rw-r--r--etc/tor-browser-en.profile41
1 files changed, 41 insertions, 0 deletions
diff --git a/etc/tor-browser-en.profile b/etc/tor-browser-en.profile
new file mode 100644
index 000000000..1f0b61c75
--- /dev/null
+++ b/etc/tor-browser-en.profile
@@ -0,0 +1,41 @@
1# Firejail profile for tor-browser-en
2# This file is overwritten after every install/update
3# Persistent local customizations
4include /etc/firejail/tor-browser-en.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7
8blacklist /boot
9blacklist /media
10blacklist /mnt
11blacklist /opt
12blacklist /usr/local/bin
13blacklist /var
14
15whitelist ${HOME}/.tor-browser-en
16whitelist /dev/dri
17whitelist /dev/full
18whitelist /dev/null
19whitelist /dev/ptmx
20whitelist /dev/pts
21whitelist /dev/random
22whitelist /dev/shm
23whitelist /dev/snd
24whitelist /dev/tty
25whitelist /dev/urandom
26whitelist /dev/video0
27whitelist /dev/zero
28include /etc/firejail/whitelist-common.inc
29
30caps.drop all
31noroot
32seccomp
33shell none
34
35private-bin bash,grep,sed,tail,tor-browser-en,env,id,readlink,dirname,test,mkdir,ln,sed,cp,rm,getconf,file,expr
36# FIXME: Spoof D-Bus machine id (tor-browser segfaults when it is missing!)
37# https://github.com/netblue30/firejail/issues/955
38private-etc X11,pulse,machine-id
39private-tmp
40
41noexec /tmp
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-02 15:01:30 +0000