From c6259375dff79484b9f3d587da9fbfa76a3b68b9 Mon Sep 17 00:00:00 2001 From: Fred-Barclay Date: Wed, 4 Oct 2017 16:24:36 -0500 Subject: Tighten multiple profiles. This adds whitelist-var-common, machine-id, memory-deny-write-execute, and noexec home and tmp when possible. --- etc/libreoffice.profile | 2 ++ 1 file changed, 2 insertions(+) (limited to 'etc/libreoffice.profile') diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile index 8d05a557c..214b49c65 100644 --- a/etc/libreoffice.profile +++ b/etc/libreoffice.profile @@ -17,6 +17,7 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/whitelist-var-common.inc caps.drop all +machine-id netfilter nodvd nogroups @@ -29,6 +30,7 @@ shell none tracelog private-dev +private-tmp noexec ${HOME} noexec /tmp -- cgit v1.2.3-70-g09d2