From 7a37dc31ab907d55eb88f2fa259f37046952a0c5 Mon Sep 17 00:00:00 2001 From: smitsohu Date: Wed, 28 Mar 2018 01:20:21 +0200 Subject: recalibrate dbus access, deploy nodbus option see #1822 and #1825. also systematically replaces 'blacklist /run/user/*/bus' with 'nodbus'. with contributions from @Fred-Barclay --- etc/cpio.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'etc/cpio.profile') diff --git a/etc/cpio.profile b/etc/cpio.profile index caee6570e..445e1cec7 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile @@ -6,7 +6,6 @@ include /etc/firejail/cpio.local # Persistent global definitions include /etc/firejail/globals.local -blacklist /run/user/*/bus blacklist /tmp/.X11-unix noblacklist /sbin @@ -19,6 +18,7 @@ include /etc/firejail/disable-programs.inc caps.drop all net none no3d +nodbus nodvd nonewprivs nosound -- cgit v1.2.3-54-g00ecf