From 9888f2d3c7f9ea3823f135a67b37f4f217f0f185 Mon Sep 17 00:00:00 2001
From: Icaro Perseo <icaroperseo@riseup.net>
Date: Wed, 17 Aug 2016 21:42:06 -0500
Subject: 'icecat.profile' updated.

---
 etc/icecat.profile | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 50 insertions(+), 1 deletion(-)

diff --git a/etc/icecat.profile b/etc/icecat.profile
index 25d426ad2..2f8e2df7f 100644
--- a/etc/icecat.profile
+++ b/etc/icecat.profile
@@ -1,2 +1,51 @@
 # Firejail profile for GNU Icecat
-include /etc/firejail/firefox.profile
+
+noblacklist ~/.mozilla
+noblacklist ~/.cache/mozilla
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6,netlink
+seccomp
+tracelog
+
+whitelist ${DOWNLOADS}
+mkdir ~/.mozilla
+whitelist ~/.mozilla
+mkdir ~/.cache/mozilla/icecat
+whitelist ~/.cache/mozilla/icecat
+whitelist ~/dwhelper
+whitelist ~/.zotero
+whitelist ~/.vimperatorrc
+whitelist ~/.vimperator
+whitelist ~/.pentadactylrc
+whitelist ~/.pentadactyl
+whitelist ~/.keysnail.js
+whitelist ~/.config/gnome-mplayer
+whitelist ~/.cache/gnome-mplayer/plugin
+whitelist ~/.pki
+
+# lastpass, keepassx
+whitelist ~/.keepassx
+whitelist ~/.config/keepassx
+whitelist ~/keepassx.kdbx
+whitelist ~/.lastpass
+whitelist ~/.config/lastpass
+
+
+#silverlight
+whitelist ~/.wine-pipelight
+whitelist ~/.wine-pipelight64
+whitelist ~/.config/pipelight-widevine
+whitelist ~/.config/pipelight-silverlight5.1
+
+include /etc/firejail/whitelist-common.inc
+
+# experimental features
+#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
+
-- 
cgit v1.2.3-70-g09d2