From 4ece607b8f833cf0974bcf2a5e41f0504cbbff59 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Tue, 28 Jun 2016 07:58:20 -0400
Subject: sysutils

---
 etc/cpio.profile | 21 ++++++++++++++++-----
 etc/gzip.profile | 1 +
 etc/strings.profile | 1 +
 etc/xz.profile | 2 ++
 etc/xzdec.profile | 4 ++--
 5 files changed, 22 insertions(+), 7 deletions(-)
 create mode 100644 etc/xz.profile

(limited to 'etc')

diff --git a/etc/cpio.profile b/etc/cpio.profile
index f10b82962..b0e59c106 100644
--- a/etc/cpio.profile
+++ b/etc/cpio.profile
@@ -1,10 +1,21 @@
 # cpio profile
-# testing: find . -print -depth | cpio -ov > tree.cpio
-include /etc/firejail/default.profile
-tracelog
+# /sbin and /usr/sbin are visible inside the sandbox
+# /boot is not visible and /var is heavily modified
+
+noblacklist /sbin
+noblacklist /usr/sbin
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+private-dev
+private-tmp
+seccomp
+caps.drop all
 net none
 shell none
-private-bin cpio
-private-dev
+tracelog
+net none
+
diff --git a/etc/gzip.profile b/etc/gzip.profile
index 3c9e8a9bf..8d35c9f66 100644
--- a/etc/gzip.profile
+++ b/etc/gzip.profile
@@ -4,3 +4,4 @@ tracelog
 net none
 shell none
 private-dev
+private-tmp
diff --git a/etc/strings.profile b/etc/strings.profile
index 8be9a5719..9bc67cfb8 100644
--- a/etc/strings.profile
+++ b/etc/strings.profile
@@ -4,3 +4,4 @@ tracelog
 net none
 shell none
 private-dev
+private-tmp
diff --git a/etc/xz.profile b/etc/xz.profile
new file mode 100644
index 000000000..709585acd
--- /dev/null
+++ b/etc/xz.profile
@@ -0,0 +1,2 @@
+# xz profile
+include /etc/firejail/cpio.profile
diff --git a/etc/xzdec.profile b/etc/xzdec.profile
index ade46dddd..1bff66965 100644
--- a/etc/xzdec.profile
+++ b/etc/xzdec.profile
@@ -1,7 +1,7 @@
-# XZ decompressor profile
+# xzdec profile
 include /etc/firejail/default.profile
 tracelog
 net none
 shell none
 private-dev
-
+private-tmp
-- 
cgit v1.2.3-70-g09d2
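Review bot: In the cpio.profile hunk, `private-bin cpio` is removed at the same time as `noblacklist /sbin` and `noblacklist /usr/sbin` are added, so the sandbox goes from exposing a single binary to exposing the full binary directories plus the sbin trees; if cpio needs helper programs, naming them in `private-bin cpio,<helpers>` keeps the allowlist narrow, and otherwise the header comment should say why the wider view is needed rather than only that it exists. The added `+net none` at the bottom of the hunk duplicates the unchanged `net none` two lines above it and can be dropped; likewise `tracelog` is removed at the top only to be re-added at the bottom, which makes the hunk larger than the change. The hunk also drops `include /etc/firejail/default.profile`; whatever that file contributed beyond the directives now listed (it is not visible here — e.g. whether it set `nonewprivs` or `noroot`) is no longer inherited by cpio, xz (which includes this profile), or anything else that includes it, and should be checked before merging.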
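Review bot: The new xz.profile is a single `include /etc/firejail/cpio.profile`, so xz inherits every directive of another program's profile, including the `noblacklist /sbin` and `noblacklist /usr/sbin` relaxations whose comment in cpio.profile justifies them only for cpio. Any later loosening of cpio.profile propagates to xz silently, which makes xz's effective policy hard to audit and ties two unrelated tools' privilege levels together. Unless xz genuinely needs each of cpio's relaxations, prefer spelling out the shared `.inc` includes and the hardening directives (`seccomp`, `caps.drop all`, `private-dev`, `private-tmp`, `net none`, `shell none`) directly, as gzip.profile and xzdec.profile in this commit do, and note the intent with a comment such as `# standalone profile: do not inherit cpio's /sbin visibility`.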