From 2cb40fbecd313eeefc9894a0cac11652b1cafb73 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 14 Mar 2023 23:29:53 +0000 Subject: microsoft-edge fixes (#5697) * microsoft-edge*: fix spacing * Create microsoft-edge-stable.profile Relates to #5696. * firecfg.config: add support for microsoft-edge-stable redirect * disable-common.inc: blacklist msedge SUID executables * microsoft-edge: add private-opt and allow internal sandbox access --- etc/profile-m-z/microsoft-edge-beta.profile | 5 ++++- etc/profile-m-z/microsoft-edge-dev.profile | 5 ++++- etc/profile-m-z/microsoft-edge-stable.profile | 11 +++++++++++ etc/profile-m-z/microsoft-edge.profile | 5 ++++- 4 files changed, 23 insertions(+), 3 deletions(-) create mode 100644 etc/profile-m-z/microsoft-edge-stable.profile (limited to 'etc/profile-m-z') diff --git a/etc/profile-m-z/microsoft-edge-beta.profile b/etc/profile-m-z/microsoft-edge-beta.profile index 63844ad70..6843c11c7 100644 --- a/etc/profile-m-z/microsoft-edge-beta.profile +++ b/etc/profile-m-z/microsoft-edge-beta.profile @@ -1,5 +1,5 @@ # Firejail profile for Microsoft Edge Beta -# Description: Web browser from Microsoft,beta channel +# Description: Web browser from Microsoft, beta channel # This file is overwritten after every install/update # Persistent local customizations include microsoft-edge-beta.local @@ -8,6 +8,7 @@ include globals.local noblacklist ${HOME}/.cache/microsoft-edge-beta noblacklist ${HOME}/.config/microsoft-edge-beta +noblacklist /opt/microsoft/msedge-beta/msedge-sandbox mkdir ${HOME}/.cache/microsoft-edge-beta mkdir ${HOME}/.config/microsoft-edge-beta @@ -15,6 +16,8 @@ whitelist ${HOME}/.cache/microsoft-edge-beta whitelist ${HOME}/.config/microsoft-edge-beta whitelist /opt/microsoft/msedge-beta +# private-opt might break the file-copy-limit, see #5307 +#private-opt microsoft # Redirect include chromium-common.profile diff --git a/etc/profile-m-z/microsoft-edge-dev.profile b/etc/profile-m-z/microsoft-edge-dev.profile index b01fd7c25..b9cdaf98b 100644 --- a/etc/profile-m-z/microsoft-edge-dev.profile +++ b/etc/profile-m-z/microsoft-edge-dev.profile @@ -1,5 +1,5 @@ # Firejail profile for Microsoft Edge Dev -# Description: Web browser from Microsoft,dev channel +# Description: Web browser from Microsoft, dev channel # This file is overwritten after every install/update # Persistent local customizations include microsoft-edge-dev.local @@ -8,6 +8,7 @@ include globals.local noblacklist ${HOME}/.cache/microsoft-edge-dev noblacklist ${HOME}/.config/microsoft-edge-dev +noblacklist /opt/microsoft/msedge-dev/msedge-sandbox mkdir ${HOME}/.cache/microsoft-edge-dev mkdir ${HOME}/.config/microsoft-edge-dev @@ -15,6 +16,8 @@ whitelist ${HOME}/.cache/microsoft-edge-dev whitelist ${HOME}/.config/microsoft-edge-dev whitelist /opt/microsoft/msedge-dev +# private-opt might break file-copy-limit, see #5307 +#private-opt microsoft # Redirect include chromium-common.profile diff --git a/etc/profile-m-z/microsoft-edge-stable.profile b/etc/profile-m-z/microsoft-edge-stable.profile new file mode 100644 index 000000000..c5b2b4301 --- /dev/null +++ b/etc/profile-m-z/microsoft-edge-stable.profile @@ -0,0 +1,11 @@ +# Firejail profile for Microsoft Edge Stable +# Description: Web browser from Microsoft, stable channel +# This file is overwritten after every install/update +# Persistent local customizations +include microsoft-edge-stable.local +# Persistent global definitions +# added by included profile +#include globals.local + +# Redirect +include microsoft-edge.profile diff --git a/etc/profile-m-z/microsoft-edge.profile b/etc/profile-m-z/microsoft-edge.profile index 4cd8c85a5..ededb9cbd 100644 --- a/etc/profile-m-z/microsoft-edge.profile +++ b/etc/profile-m-z/microsoft-edge.profile @@ -1,5 +1,5 @@ # Firejail profile for Microsoft Edge -# Description: Web browser from Microsoft,stable channel +# Description: Web browser from Microsoft, stable channel # This file is overwritten after every install/update # Persistent local customizations include microsoft-edge.local @@ -8,6 +8,7 @@ include globals.local noblacklist ${HOME}/.cache/microsoft-edge noblacklist ${HOME}/.config/microsoft-edge +noblacklist /opt/microsoft/msedge/msedge-sandbox mkdir ${HOME}/.cache/microsoft-edge mkdir ${HOME}/.config/microsoft-edge @@ -15,6 +16,8 @@ whitelist ${HOME}/.cache/microsoft-edge whitelist ${HOME}/.config/microsoft-edge whitelist /opt/microsoft/msedge +# private-opt might break default file-copy-limit, see #5307 +#private-opt microsoft # Redirect include chromium-common.profile -- cgit v1.2.3-70-g09d2