diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/dolphin.profile | 3 | ||||
-rw-r--r-- | etc/k3b.profile | 1 | ||||
-rw-r--r-- | etc/kate.profile | 1 | ||||
-rw-r--r-- | etc/keepass.profile | 1 | ||||
-rw-r--r-- | etc/keepassx.profile | 1 | ||||
-rw-r--r-- | etc/keepassx2.profile | 1 | ||||
-rw-r--r-- | etc/kwrite.profile | 1 | ||||
-rw-r--r-- | etc/mediathekview.profile | 5 | ||||
-rw-r--r-- | etc/pdftotext.profile | 1 |
9 files changed, 14 insertions, 1 deletions
diff --git a/etc/dolphin.profile b/etc/dolphin.profile index 93acbd09e..bef7e0534 100644 --- a/etc/dolphin.profile +++ b/etc/dolphin.profile | |||
@@ -14,6 +14,7 @@ noblacklist ~/.local/share/dolphin | |||
14 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
15 | include /etc/firejail/disable-devel.inc | 15 | include /etc/firejail/disable-devel.inc |
16 | include /etc/firejail/disable-passwdmgr.inc | 16 | include /etc/firejail/disable-passwdmgr.inc |
17 | # dolphin needs to be able to start arbitrary applications so we cannot blacklist their files | ||
17 | # include /etc/firejail/disable-programs.inc | 18 | # include /etc/firejail/disable-programs.inc |
18 | 19 | ||
19 | caps.drop all | 20 | caps.drop all |
@@ -21,11 +22,11 @@ netfilter | |||
21 | nogroups | 22 | nogroups |
22 | nonewprivs | 23 | nonewprivs |
23 | noroot | 24 | noroot |
25 | novideo | ||
24 | protocol unix | 26 | protocol unix |
25 | seccomp | 27 | seccomp |
26 | shell none | 28 | shell none |
27 | 29 | ||
28 | # dolphin needs to be able to start arbitrary applications so we cannot blacklist their files | ||
29 | # private-bin | 30 | # private-bin |
30 | # private-dev | 31 | # private-dev |
31 | # private-etc | 32 | # private-etc |
diff --git a/etc/k3b.profile b/etc/k3b.profile index c2aed68c9..5c3e2f717 100644 --- a/etc/k3b.profile +++ b/etc/k3b.profile | |||
@@ -19,6 +19,7 @@ no3d | |||
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | nosound | 21 | nosound |
22 | novideo | ||
22 | protocol unix | 23 | protocol unix |
23 | seccomp | 24 | seccomp |
24 | shell none | 25 | shell none |
diff --git a/etc/kate.profile b/etc/kate.profile index 12d9127b4..667ad34a9 100644 --- a/etc/kate.profile +++ b/etc/kate.profile | |||
@@ -23,6 +23,7 @@ nogroups | |||
23 | nonewprivs | 23 | nonewprivs |
24 | noroot | 24 | noroot |
25 | nosound | 25 | nosound |
26 | novideo | ||
26 | protocol unix | 27 | protocol unix |
27 | seccomp | 28 | seccomp |
28 | shell none | 29 | shell none |
diff --git a/etc/keepass.profile b/etc/keepass.profile index 543bc01eb..a52344ed0 100644 --- a/etc/keepass.profile +++ b/etc/keepass.profile | |||
@@ -25,6 +25,7 @@ nogroups | |||
25 | nonewprivs | 25 | nonewprivs |
26 | noroot | 26 | noroot |
27 | nosound | 27 | nosound |
28 | novideo | ||
28 | protocol unix,inet,inet6 | 29 | protocol unix,inet,inet6 |
29 | seccomp | 30 | seccomp |
30 | shell none | 31 | shell none |
diff --git a/etc/keepassx.profile b/etc/keepassx.profile index 892dd7053..2ffb375ea 100644 --- a/etc/keepassx.profile +++ b/etc/keepassx.profile | |||
@@ -23,6 +23,7 @@ nogroups | |||
23 | nonewprivs | 23 | nonewprivs |
24 | noroot | 24 | noroot |
25 | nosound | 25 | nosound |
26 | novideo | ||
26 | protocol unix | 27 | protocol unix |
27 | seccomp | 28 | seccomp |
28 | shell none | 29 | shell none |
diff --git a/etc/keepassx2.profile b/etc/keepassx2.profile index ab56e0317..dc73b7a3e 100644 --- a/etc/keepassx2.profile +++ b/etc/keepassx2.profile | |||
@@ -22,6 +22,7 @@ nogroups | |||
22 | nonewprivs | 22 | nonewprivs |
23 | noroot | 23 | noroot |
24 | nosound | 24 | nosound |
25 | novideo | ||
25 | protocol unix | 26 | protocol unix |
26 | seccomp | 27 | seccomp |
27 | shell none | 28 | shell none |
diff --git a/etc/kwrite.profile b/etc/kwrite.profile index b6406cc0d..9b75bc6bf 100644 --- a/etc/kwrite.profile +++ b/etc/kwrite.profile | |||
@@ -23,6 +23,7 @@ nogroups | |||
23 | nonewprivs | 23 | nonewprivs |
24 | noroot | 24 | noroot |
25 | # nosound - KWrite is using ALSA! | 25 | # nosound - KWrite is using ALSA! |
26 | novideo | ||
26 | protocol unix | 27 | protocol unix |
27 | seccomp | 28 | seccomp |
28 | shell none | 29 | shell none |
diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile index bebe95a72..b6f8c7cb5 100644 --- a/etc/mediathekview.profile +++ b/etc/mediathekview.profile | |||
@@ -5,9 +5,14 @@ include /etc/firejail/mediathekview.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ~/.config/mpv | ||
9 | noblacklist ~/.config/smplayer | ||
10 | noblacklist ~/.config/totem | ||
8 | noblacklist ~/.config/vlc | 11 | noblacklist ~/.config/vlc |
9 | noblacklist ~/.java | 12 | noblacklist ~/.java |
13 | noblacklist ~/.local/share/totem | ||
10 | noblacklist ~/.mediathek3 | 14 | noblacklist ~/.mediathek3 |
15 | noblacklist ~/.mplayer | ||
11 | 16 | ||
12 | include /etc/firejail/disable-common.inc | 17 | include /etc/firejail/disable-common.inc |
13 | include /etc/firejail/disable-devel.inc | 18 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile index 89fb295dd..8d3756db6 100644 --- a/etc/pdftotext.profile +++ b/etc/pdftotext.profile | |||
@@ -19,6 +19,7 @@ nogroups | |||
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | nosound | 21 | nosound |
22 | novideo | ||
22 | protocol unix | 23 | protocol unix |
23 | seccomp | 24 | seccomp |
24 | shell none | 25 | shell none |