From 4ece607b8f833cf0974bcf2a5e41f0504cbbff59 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Tue, 28 Jun 2016 07:58:20 -0400
Subject: sysutils
---
 etc/cpio.profile | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)
(limited to 'etc/cpio.profile')
diff --git a/etc/cpio.profile b/etc/cpio.profile
index f10b82962..b0e59c106 100644
--- a/etc/cpio.profile
+++ b/etc/cpio.profile
@@ -1,10 +1,21 @@
 # cpio profile
-# testing: find . -print -depth | cpio -ov > tree.cpio
-include /etc/firejail/default.profile
-tracelog
+# /sbin and /usr/sbin are visible inside the sandbox
+# /boot is not visible and /var is heavily modified
+
+noblacklist /sbin
+noblacklist /usr/sbin
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+private-dev
+private-tmp
+seccomp
+caps.drop all
 net none
 shell none
-private-bin cpio
-private-dev
+tracelog
+net none
+
-- 
cgit v1.2.3-54-g00ecf
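Review bot: `net none` ends up twice in the new profile, once as the retained context line before `shell none` and again as the added `+net none` near the end; the second is redundant and should be dropped so the profile states each restriction once. The hunk also removes `private-bin cpio` without a replacement, which widens the set of executables visible inside the sandbox, and the new header comment only explains the `/sbin` and `/usr/sbin` exceptions. If dropping it is intentional, a short comment such as `# private-bin not used: <reason>` next to the `noblacklist` lines would record why. Because `include /etc/firejail/default.profile` is replaced by three explicit `disable-*.inc` includes plus `seccomp` and `caps.drop all`, it is worth confirming that nothing else default.profile supplied is lost; its contents are not visible on this page.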