diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/google-chrome-beta.profile | 12 | ||||
-rw-r--r-- | etc/google-chrome-unstable.profile | 12 | ||||
-rw-r--r-- | etc/google-chrome.profile | 13 | ||||
-rw-r--r-- | etc/vivaldi.profile | 11 |
4 files changed, 40 insertions, 8 deletions
diff --git a/etc/google-chrome-beta.profile b/etc/google-chrome-beta.profile index e527318c2..22a2e8f88 100644 --- a/etc/google-chrome-beta.profile +++ b/etc/google-chrome-beta.profile | |||
@@ -16,8 +16,6 @@ include /etc/firejail/disable-programs.inc | |||
16 | # include /etc/firejail/disable-devel.inc | 16 | # include /etc/firejail/disable-devel.inc |
17 | # | 17 | # |
18 | 18 | ||
19 | netfilter | ||
20 | |||
21 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
22 | mkdir ~/.config/google-chrome-beta | 20 | mkdir ~/.config/google-chrome-beta |
23 | whitelist ~/.config/google-chrome-beta | 21 | whitelist ~/.config/google-chrome-beta |
@@ -27,5 +25,15 @@ mkdir ~/.pki | |||
27 | whitelist ~/.pki | 25 | whitelist ~/.pki |
28 | include /etc/firejail/whitelist-common.inc | 26 | include /etc/firejail/whitelist-common.inc |
29 | 27 | ||
28 | caps.keep sys_chroot,sys_admin | ||
29 | #ipc-namespace | ||
30 | netfilter | ||
31 | nogroups | ||
32 | shell none | ||
33 | |||
34 | private-dev | ||
35 | #private-tmp - problems with multiple browser sessions | ||
36 | #disable-mnt | ||
37 | |||
30 | noexec ${HOME} | 38 | noexec ${HOME} |
31 | noexec /tmp | 39 | noexec /tmp |
diff --git a/etc/google-chrome-unstable.profile b/etc/google-chrome-unstable.profile index 860e2488a..0675d7b49 100644 --- a/etc/google-chrome-unstable.profile +++ b/etc/google-chrome-unstable.profile | |||
@@ -16,8 +16,6 @@ include /etc/firejail/disable-programs.inc | |||
16 | # include /etc/firejail/disable-devel.inc | 16 | # include /etc/firejail/disable-devel.inc |
17 | # | 17 | # |
18 | 18 | ||
19 | netfilter | ||
20 | |||
21 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
22 | mkdir ~/.config/google-chrome-unstable | 20 | mkdir ~/.config/google-chrome-unstable |
23 | whitelist ~/.config/google-chrome-unstable | 21 | whitelist ~/.config/google-chrome-unstable |
@@ -27,5 +25,15 @@ mkdir ~/.pki | |||
27 | whitelist ~/.pki | 25 | whitelist ~/.pki |
28 | include /etc/firejail/whitelist-common.inc | 26 | include /etc/firejail/whitelist-common.inc |
29 | 27 | ||
28 | caps.keep sys_chroot,sys_admin | ||
29 | #ipc-namespace | ||
30 | netfilter | ||
31 | nogroups | ||
32 | shell none | ||
33 | |||
34 | private-dev | ||
35 | #private-tmp - problems with multiple browser sessions | ||
36 | #disable-mnt | ||
37 | |||
30 | noexec ${HOME} | 38 | noexec ${HOME} |
31 | noexec /tmp | 39 | noexec /tmp |
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile index 7d27355d2..e6fceadec 100644 --- a/etc/google-chrome.profile +++ b/etc/google-chrome.profile | |||
@@ -16,9 +16,6 @@ include /etc/firejail/disable-programs.inc | |||
16 | # include /etc/firejail/disable-devel.inc | 16 | # include /etc/firejail/disable-devel.inc |
17 | # | 17 | # |
18 | 18 | ||
19 | caps.keep sys_chroot,sys_admin | ||
20 | netfilter | ||
21 | |||
22 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
23 | mkdir ~/.config/google-chrome | 20 | mkdir ~/.config/google-chrome |
24 | whitelist ~/.config/google-chrome | 21 | whitelist ~/.config/google-chrome |
@@ -28,5 +25,15 @@ mkdir ~/.pki | |||
28 | whitelist ~/.pki | 25 | whitelist ~/.pki |
29 | include /etc/firejail/whitelist-common.inc | 26 | include /etc/firejail/whitelist-common.inc |
30 | 27 | ||
28 | caps.keep sys_chroot,sys_admin | ||
29 | #ipc-namespace | ||
30 | netfilter | ||
31 | nogroups | ||
32 | shell none | ||
33 | |||
34 | private-dev | ||
35 | #private-tmp - problems with multiple browser sessions | ||
36 | #disable-mnt | ||
37 | |||
31 | noexec ${HOME} | 38 | noexec ${HOME} |
32 | noexec /tmp | 39 | noexec /tmp |
diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile index 7b9c4c9c6..fab620499 100644 --- a/etc/vivaldi.profile +++ b/etc/vivaldi.profile | |||
@@ -14,7 +14,6 @@ include /etc/firejail/disable-common.inc | |||
14 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
15 | include /etc/firejail/disable-devel.inc | 15 | include /etc/firejail/disable-devel.inc |
16 | 16 | ||
17 | netfilter | ||
18 | 17 | ||
19 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
20 | mkdir ~/.config/vivaldi | 19 | mkdir ~/.config/vivaldi |
@@ -23,5 +22,15 @@ mkdir ~/.cache/vivaldi | |||
23 | whitelist ~/.cache/vivaldi | 22 | whitelist ~/.cache/vivaldi |
24 | include /etc/firejail/whitelist-common.inc | 23 | include /etc/firejail/whitelist-common.inc |
25 | 24 | ||
25 | caps.keep sys_chroot,sys_admin | ||
26 | #ipc-namespace | ||
27 | netfilter | ||
28 | nogroups | ||
29 | shell none | ||
30 | |||
31 | private-dev | ||
32 | #private-tmp - problems with multiple browser sessions | ||
33 | #disable-mnt | ||
34 | |||
26 | noexec ${HOME} | 35 | noexec ${HOME} |
27 | noexec /tmp | 36 | noexec /tmp |