From a1efbccd8385b883ea505f885972345b53dbaf61 Mon Sep 17 00:00:00 2001 From: Tad Date: Sun, 16 Apr 2017 06:21:51 -0400 Subject: Add a profile for Arduino IDE --- etc/arduino.profile | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 etc/arduino.profile (limited to 'etc') diff --git a/etc/arduino.profile b/etc/arduino.profile new file mode 100644 index 000000000..e80222bb6 --- /dev/null +++ b/etc/arduino.profile @@ -0,0 +1,28 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include /etc/firejail/arduino.local + +# Firejail profile for arduino +noblacklist ${HOME}/.arduino15 +noblacklist ${HOME}/Arduino + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-devel.inc + +caps.drop all +netfilter +no3d +nogroups +nonewprivs +noroot +nosound +protocol unix,inet,inet6 +seccomp +shell none + +private-tmp + +noexec ${HOME} +noexec /tmp -- cgit v1.2.3-54-g00ecf