From 926f21a51c2c9f1cd97b815323a8c2c8f5e9b927 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sat, 16 Apr 2016 10:06:26 -0400 Subject: added netsurf profile --- Makefile.in | 1 + README.md | 2 +- RELNOTES | 2 +- etc/netsurf.profile | 34 ++++++++++++++++++++++++++++++++++ platform/debian/conffiles | 1 + src/firecfg/firecfg.config | 1 + 6 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 etc/netsurf.profile diff --git a/Makefile.in b/Makefile.in index 16f8e8717..64a6fbd76 100644 --- a/Makefile.in +++ b/Makefile.in @@ -164,6 +164,7 @@ realinstall: install -c -m 0644 .etc/icedove.profile $(DESTDIR)/$(sysconfdir)/firejail/. install -c -m 0644 .etc/abrowser.profile $(DESTDIR)/$(sysconfdir)/firejail/. install -c -m 0644 .etc/0ad.profile $(DESTDIR)/$(sysconfdir)/firejail/. + install -c -m 0644 .etc/netsurf.profile $(DESTDIR)/$(sysconfdir)/firejail/. sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" rm -fr .etc diff --git a/README.md b/README.md index 7f6f573b4..0edf87d48 100644 --- a/README.md +++ b/README.md @@ -281,5 +281,5 @@ $ man firejail-profile ## New security profiles lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril, qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars, qTox, -OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon, Icedove, abrowser, 0ad +OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon, Icedove, abrowser, 0ad, netsurf diff --git a/RELNOTES b/RELNOTES index fbd620408..fc7df6f19 100644 --- a/RELNOTES +++ b/RELNOTES @@ -18,7 +18,7 @@ firejail (0.9.40-rc1) baseline; urgency=low * new profiles: lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril * new profiles: qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars * new profiles: qTox, OpenSSH client, OpenBox, Dillo, cmus, dnsmasq - * new profiles: PaleMoon, Icedove, abrowser, 0ad + * new profiles: PaleMoon, Icedove, abrowser, 0ad, netsurf * build rpm packages using "make rpms" * bugfixes -- netblue30 Sun, 3 Apr 2016 08:00:00 -0500 diff --git a/etc/netsurf.profile b/etc/netsurf.profile new file mode 100644 index 000000000..26b621126 --- /dev/null +++ b/etc/netsurf.profile @@ -0,0 +1,34 @@ +# Firejail profile for Mozilla Firefox (Iceweasel in Debian) + +noblacklist ~/.config/netsurf +noblacklist ~/.cache/netsurf +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-devel.inc + +caps.drop all +seccomp +protocol unix,inet,inet6,netlink +netfilter +tracelog +noroot + +whitelist ${DOWNLOADS} +mkdir ~/.config +mkdir ~/.config/netsurf +whitelist ~/.config/netsurf +mkdir ~/.cache +mkdir ~/.cache/netsurf +whitelist ~/.cache/netsurf + +# lastpass, keepassx +whitelist ~/.keepassx +whitelist ~/.config/keepassx +whitelist ~/keepassx.kdbx +whitelist ~/.lastpass +whitelist ~/.config/lastpass + +include /etc/firejail/whitelist-common.inc + + + diff --git a/platform/debian/conffiles b/platform/debian/conffiles index dc8640147..5f1546a4f 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -83,3 +83,4 @@ /etc/firejail/palemoon.profile /etc/firejail/abrowser.profile /etc/firejail/0ad.profile +/etc/firejail/netsurf.profile diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index c28f8e352..fed477f44 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -27,6 +27,7 @@ seamonkey-bin vivaldi-beta vivaldi dillo +netsurf # bittorrent/ftp deluge -- cgit v1.2.3-70-g09d2