From a77cd8d18e5e8cb7ae18606cf48019fcd38f7b3b Mon Sep 17 00:00:00 2001 From: smitsohu Date: Thu, 8 Feb 2018 18:40:35 +0100 Subject: restrict kssl --- etc/akregator.profile | 1 + etc/disable-common.inc | 4 ++++ etc/whitelist-common.inc | 3 +++ 3 files changed, 8 insertions(+) (limited to 'etc') diff --git a/etc/akregator.profile b/etc/akregator.profile index f2e5ea341..2c49ef9f0 100644 --- a/etc/akregator.profile +++ b/etc/akregator.profile @@ -17,6 +17,7 @@ mkfile ${HOME}/.config/akregatorrc mkdir ${HOME}/.local/share/akregator whitelist ${HOME}/.config/akregatorrc whitelist ${HOME}/.local/share/akregator +whitelist ${HOME}/.local/share/kssl include /etc/firejail/whitelist-common.inc include /etc/firejail/whitelist-var-common.inc diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 522a14aad..996b505bc 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc @@ -83,15 +83,19 @@ read-only ${HOME}/.config/kdeglobals read-only ${HOME}/.config/kio_httprc read-only ${HOME}/.config/kiorc read-only ${HOME}/.config/kioslaverc +read-only ${HOME}/.config/ksslcablacklist read-only ${HOME}/.kde/share/config/kdeglobals read-only ${HOME}/.kde/share/config/kio_httprc read-only ${HOME}/.kde/share/config/kioslaverc +read-only ${HOME}/.kde/share/config/ksslcablacklist read-only ${HOME}/.kde/share/kde4/services read-only ${HOME}/.kde4/share/config/kdeglobals read-only ${HOME}/.kde4/share/config/kio_httprc read-only ${HOME}/.kde4/share/config/kioslaverc +read-only ${HOME}/.kde4/share/config/ksslcablacklist read-only ${HOME}/.kde4/share/kde4/services read-only ${HOME}/.local/share/kservices5 +read-only ${HOME}/.local/share/kssl # kdeinit socket blacklist /run/user/*/kdeinit5__* diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc index 97846b4a3..c664d5a53 100644 --- a/etc/whitelist-common.inc +++ b/etc/whitelist-common.inc @@ -57,15 +57,18 @@ whitelist ${HOME}/.config/Trolltech.conf whitelist ${HOME}/.config/kdeglobals whitelist ${HOME}/.config/kio_httprc whitelist ${HOME}/.config/kioslaverc +whitelist ${HOME}/.config/ksslcablacklist whitelist ${HOME}/.config/qt5ct whitelist ${HOME}/.kde/share/config/kdeglobals whitelist ${HOME}/.kde/share/config/kio_httprc whitelist ${HOME}/.kde/share/config/kioslaverc +whitelist ${HOME}/.kde/share/config/ksslcablacklist whitelist ${HOME}/.kde/share/config/oxygenrc whitelist ${HOME}/.kde/share/icons whitelist ${HOME}/.kde4/share/config/kdeglobals whitelist ${HOME}/.kde4/share/config/kio_httprc whitelist ${HOME}/.kde4/share/config/kioslaverc +whitelist ${HOME}/.kde4/share/config/ksslcablacklist whitelist ${HOME}/.kde4/share/config/oxygenrc whitelist ${HOME}/.kde4/share/icons whitelist ${HOME}/.local/share/qt5ct -- cgit v1.2.3-54-g00ecf