From bedf08d73c59ac95e2de56ccf279108a038cb313 Mon Sep 17 00:00:00 2001
From: valoq
Date: Sun, 20 Nov 2016 12:38:38 +0100
Subject: updated default.profile
---
 etc/default.profile | 10 ++++++++--
 etc/file.profile | 19 ++++++++++++++-----
 2 files changed, 22 insertions(+), 7 deletions(-)
(limited to 'etc')
diff --git a/etc/default.profile b/etc/default.profile
index a2de72695..487e80c64 100644
--- a/etc/default.profile
+++ b/etc/default.profile
@@ -5,11 +5,17 @@ include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-passwdmgr.inc
-#blacklist ${HOME}/.wine
-
 caps.drop all
 netfilter
+nogroups
 nonewprivs
 noroot
 protocol unix,inet,inet6
 seccomp
+shell none
+
+# private-bin program
+# private-etc none
+# private-dev
+# private-tmp
+
diff --git a/etc/file.profile b/etc/file.profile
index 199a97fad..f709e7f0c 100644
--- a/etc/file.profile
+++ b/etc/file.profile
@@ -1,16 +1,25 @@
 # file profile
-ignore noroot
-include /etc/firejail/default.profile
-
-blacklist /tmp/.X11-unix
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+caps.drop all
 hostname file
+netfilter
 net none
 no3d
+nogroups
+nonewprivs
+#noroot
 nosound
-quiet
+protocol unix
+seccomp
 shell none
 tracelog
+quiet
+x11 none
+
+blacklist /tmp/.X11-unix
 private-dev
 private-bin file
-- 
cgit v1.2.3-70-g09d2
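Review bot: The four `# private-*` lines added at the end of etc/default.profile are commented out, so they change nothing: a program started under this profile still sees the host's /etc, /dev, /tmp and all system binaries. Firejail falls back to default.profile for programs without a profile of their own, so I would label the lines to stop anyone reading them as active, e.g. `# Optional, off by default - enable per application:` on the line above. `nogroups` and `shell none` are also inherited by every profile that includes this file (file.profile did until this commit), so programs that rely on supplementary groups or a shell wrapper may stop working. The commit message should say so.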
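Review bot: In etc/file.profile, `#noroot` is left commented out with no reason given, so the one restriction this profile drops relative to default.profile is undocumented; the removed `ignore noroot` at least stated the intent. I would add a comment above it such as `# noroot stays disabled: <reason>`, with the reason filled in by the author. The profile also no longer includes default.profile, so hardening added there later will not reach it and the two directive lists have to be kept in sync by hand. `blacklist /tmp/.X11-unix` looks redundant next to `x11 none`, which as far as I know already blocks that directory; it is harmless, but worth confirming.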