From f332fe2614980e1d50e59e9429ff88ac49ec137c Mon Sep 17 00:00:00 2001 From: avoidr Date: Sun, 6 Dec 2015 15:33:39 +0100 Subject: add parole.profile --- etc/parole.profile | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 etc/parole.profile (limited to 'etc') diff --git a/etc/parole.profile b/etc/parole.profile new file mode 100644 index 000000000..24181c8d6 --- /dev/null +++ b/etc/parole.profile @@ -0,0 +1,17 @@ +# Profile for Parole, the default XFCE4 media player +include /etc/firejail/disable-mgmt.inc +include /etc/firejail/disable-secret.inc +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +private-etc passwd,group,fonts +private-bin parole,dbus-launch +blacklist ${HOME}/.pki/nssdb +blacklist ${HOME}/.lastpass +blacklist ${HOME}/.keepassx +blacklist ${HOME}/.password-store +caps.drop all +seccomp +protocol unix,inet,inet6 +netfilter +noroot +shell none -- cgit v1.2.3-54-g00ecf