From 7a37dc31ab907d55eb88f2fa259f37046952a0c5 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Wed, 28 Mar 2018 01:20:21 +0200
Subject: recalibrate dbus access, deploy nodbus option

see #1822 and #1825. also systematically replaces
'blacklist /run/user/*/bus' with 'nodbus'.

with contributions from @Fred-Barclay
---
 etc/gedit.profile | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'etc/gedit.profile')

diff --git a/etc/gedit.profile b/etc/gedit.profile
index 97eb692de..5b058ae28 100644
--- a/etc/gedit.profile
+++ b/etc/gedit.profile
@@ -5,8 +5,6 @@ include /etc/firejail/gedit.local
 # Persistent global definitions
 include /etc/firejail/globals.local
 
-# blacklist /run/user/*/bus - makes settings immutable
-
 noblacklist ${HOME}/.config/enchant
 noblacklist ${HOME}/.config/gedit
 noblacklist ${HOME}/.gitconfig
@@ -18,10 +16,14 @@ include /etc/firejail/disable-programs.inc
 
 include /etc/firejail/whitelist-var-common.inc
 
+# following line makes settings immutable
+apparmor
 caps.drop all
-# net none - makes settings immutable
 machine-id
+net none
 no3d
+# following line makes settings immutable
+nodbus
 nodvd
 nogroups
 nonewprivs
-- 
cgit v1.2.3-54-g00ecf