1 files changed, 13 insertions, 1 deletions
diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile
index 25d78439d..fab620499 100644
--- a/etc/vivaldi.profile
+++ b/etc/vivaldi.profile
@@ -14,7 +14,6 @@ include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
-netfilter
 whitelist ${DOWNLOADS}
 mkdir ~/.config/vivaldi
@@ -22,3 +21,16 @@ whitelist ~/.config/vivaldi
 mkdir ~/.cache/vivaldi
 whitelist ~/.cache/vivaldi
 include /etc/firejail/whitelist-common.inc
+caps.keep sys_chroot,sys_admin
+#ipc-namespace
+netfilter
+nogroups
+shell none
+private-dev
+#private-tmp - problems with multiple browser sessions
+#disable-mnt
+noexec ${HOME}
+noexec /tmp

diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile index 25d78439d..fab620499 100644 --- a/etc/vivaldi.profile +++ b/etc/vivaldi.profile
@@ -14,7 +14,6 @@ include /etc/firejail/disable-common.inc
14	include /etc/firejail/disable-programs.inc	14	include /etc/firejail/disable-programs.inc
15	include /etc/firejail/disable-devel.inc	15	include /etc/firejail/disable-devel.inc
16		16
17	netfilter
18		17
19	whitelist ${DOWNLOADS}	18	whitelist ${DOWNLOADS}
20	mkdir ~/.config/vivaldi	19	mkdir ~/.config/vivaldi
@@ -22,3 +21,16 @@ whitelist ~/.config/vivaldi
22	mkdir ~/.cache/vivaldi	21	mkdir ~/.cache/vivaldi
23	whitelist ~/.cache/vivaldi	22	whitelist ~/.cache/vivaldi
24	include /etc/firejail/whitelist-common.inc	23	include /etc/firejail/whitelist-common.inc
		24
		25	caps.keep sys_chroot,sys_admin
		26	#ipc-namespace
		27	netfilter
		28	nogroups
		29	shell none
		30
		31	private-dev
		32	#private-tmp - problems with multiple browser sessions
		33	#disable-mnt
		34
		35	noexec ${HOME}
		36	noexec /tmp