From 395aa4f6320277f2488b1601f38d3491487dc0d6 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Mon, 18 Sep 2017 11:58:27 -0400 Subject: whitelist /var --- etc/amarok.profile | 2 ++ etc/digikam.profile | 2 ++ etc/dragon.profile | 2 ++ etc/k3b.profile | 2 ++ etc/kate.profile | 2 ++ etc/kcalc.profile | 2 ++ etc/kwrite.profile | 2 ++ etc/libreoffice.profile | 2 ++ etc/okular.profile | 2 ++ 9 files changed, 18 insertions(+) diff --git a/etc/amarok.profile b/etc/amarok.profile index 478d5285c..79343fcdf 100644 --- a/etc/amarok.profile +++ b/etc/amarok.profile @@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nogroups diff --git a/etc/digikam.profile b/etc/digikam.profile index 43191ec06..ef518470e 100644 --- a/etc/digikam.profile +++ b/etc/digikam.profile @@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nodvd diff --git a/etc/dragon.profile b/etc/dragon.profile index 211c2432f..c37f81ac9 100644 --- a/etc/dragon.profile +++ b/etc/dragon.profile @@ -12,6 +12,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nodvd diff --git a/etc/k3b.profile b/etc/k3b.profile index ca190ecb9..58623d823 100644 --- a/etc/k3b.profile +++ b/etc/k3b.profile @@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all no3d nonewprivs diff --git a/etc/kate.profile b/etc/kate.profile index ec5d09ce2..69100d49d 100644 --- a/etc/kate.profile +++ b/etc/kate.profile @@ -17,6 +17,8 @@ include /etc/firejail/disable-common.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nodvd diff --git a/etc/kcalc.profile b/etc/kcalc.profile index f334c4c72..0de23f106 100644 --- a/etc/kcalc.profile +++ b/etc/kcalc.profile @@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter no3d diff --git a/etc/kwrite.profile b/etc/kwrite.profile index 6ba076dc0..6b458ede3 100644 --- a/etc/kwrite.profile +++ b/etc/kwrite.profile @@ -17,6 +17,8 @@ include /etc/firejail/disable-common.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nodvd diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile index ec7356002..8d05a557c 100644 --- a/etc/libreoffice.profile +++ b/etc/libreoffice.profile @@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nodvd diff --git a/etc/okular.profile b/etc/okular.profile index 5a704ad26..94736fbae 100644 --- a/etc/okular.profile +++ b/etc/okular.profile @@ -20,6 +20,8 @@ include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/whitelist-var-common.inc + caps.drop all netfilter nodvd -- cgit v1.2.3-70-g09d2