From ccc2ed781742057205e5df6aea296a12c2043ef2 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Mon, 3 Apr 2017 09:33:46 -0400
Subject: seccomp and brave profile merges

---
 etc/brave.profile | 24 +++++++++++++++++++-----
 1 file changed, 19 insertions(+), 5 deletions(-)

(limited to 'etc')

diff --git a/etc/brave.profile b/etc/brave.profile
index d7678d5d5..a65a3adc8 100644
--- a/etc/brave.profile
+++ b/etc/brave.profile
@@ -4,18 +4,32 @@ include /etc/firejail/brave.local
 
 # Profile for Brave browser
 noblacklist ~/.config/brave
+noblacklist ~/.pki
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
 
-caps.drop all
+#caps.drop all
 netfilter
-nonewprivs
-noroot
-protocol unix,inet,inet6,netlink
-seccomp
+#nonewprivs
+#noroot
+#protocol unix,inet,inet6,netlink
+#seccomp
 
 whitelist ${DOWNLOADS}
 
 mkdir ~/.config/brave
 whitelist ~/.config/brave
+mkdir ~/.pki
+whitelist ~/.pki
+
+# lastpass, keepass
+# for keepass we additionally need to whitelist our .kdbx password database
+whitelist ~/.keepass
+whitelist ~/.config/keepass
+whitelist ~/.config/KeePass
+whitelist ~/.lastpass
+whitelist ~/.config/lastpass
+
+include /etc/firejail/whitelist-common.inc
+
-- 
cgit v1.2.3-54-g00ecf