diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/firejail.config | 4 | ||||
-rw-r--r-- | etc/inc/whitelist-runuser-common.inc | 1 |
2 files changed, 5 insertions, 0 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index 731e744dd..9dd33b5ed 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -116,6 +116,10 @@ | |||
116 | # Enable or disable whitelisting support, default enabled. | 116 | # Enable or disable whitelisting support, default enabled. |
117 | # whitelist yes | 117 | # whitelist yes |
118 | 118 | ||
119 | # Disable whitelist top level directories, in addition to those | ||
120 | # that are disabled out of the box. None by default; this is an example. | ||
121 | # whitelist-disable-topdir /etc,/usr/etc | ||
122 | |||
119 | # Enable or disable X11 sandboxing support, default enabled. | 123 | # Enable or disable X11 sandboxing support, default enabled. |
120 | # x11 yes | 124 | # x11 yes |
121 | 125 | ||
diff --git a/etc/inc/whitelist-runuser-common.inc b/etc/inc/whitelist-runuser-common.inc index 0a1030b34..48309ffe3 100644 --- a/etc/inc/whitelist-runuser-common.inc +++ b/etc/inc/whitelist-runuser-common.inc | |||
@@ -13,3 +13,4 @@ whitelist ${RUNUSER}/pulse/native | |||
13 | whitelist ${RUNUSER}/wayland-0 | 13 | whitelist ${RUNUSER}/wayland-0 |
14 | whitelist ${RUNUSER}/wayland-1 | 14 | whitelist ${RUNUSER}/wayland-1 |
15 | whitelist ${RUNUSER}/xauth_* | 15 | whitelist ${RUNUSER}/xauth_* |
16 | whitelist ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] | ||