From b7bcc70d20a71daf5ba6dff670bbf90e7a09d2e4 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Tue, 21 Apr 2020 20:58:34 +0000
Subject: file managers refactoring (#3375)

* refactor caja.profile

* refactor dolphin.profile

* Create file-manager-common.profile

* refactor nautilus.profile

* refactor nemo.profile

* refactor pcmanfm.profile

* refactor ranger.profile

* refactor Thunar.profile
---
 etc/profile-a-l/file-manager-common.profile | 49 +++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 etc/profile-a-l/file-manager-common.profile

(limited to 'etc/profile-a-l/file-manager-common.profile')

diff --git a/etc/profile-a-l/file-manager-common.profile b/etc/profile-a-l/file-manager-common.profile
new file mode 100644
index 000000000..8551e713d
--- /dev/null
+++ b/etc/profile-a-l/file-manager-common.profile
@@ -0,0 +1,49 @@
+# Firejail profile for file managers
+# Description: Common profile for GUI file managers
+# This file is overwritten after every install/update
+# Persistent local customizations
+include file-manager-common.local
+# Persistent global definitions
+# added by caller profile
+#include globals.local
+
+# File managers need to be able to see everything under ${HOME}
+# and be able to start arbitrary applications
+
+ignore noexec ${HOME}
+
+# Allow lua (blacklisted by disable-interpreters.inc)
+include allow-lua.inc
+
+# Allow perl
+include allow-perl.inc
+
+# Allow python (blacklisted by disable-interpreters.inc)
+include allow-python2.inc
+include allow-python3.inc
+
+#include disable-common.inc
+include disable-devel.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+# include disable-programs.inc
+
+allusers
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+tracelog
+
+private-dev
+
+#dbus-user none
+#dbus-system none
-- 
cgit v1.2.3-70-g09d2