blob: a614a8dbf1a629e3c30275916f9e6033941af444 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
# lxterminal (LXDE) profile
include /etc/firejail/disable-mgmt.inc
include /etc/firejail/disable-secret.inc
include /etc/firejail/disable-common.inc
blacklist ${HOME}/.pki/nssdb
blacklist ${HOME}/.lastpass
blacklist ${HOME}/.keepassx
blacklist ${HOME}/.password-store
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
#noroot - somehow this breaks on Debian Jessie!
# lxterminal is a single-instence program
# blacklist any existing lxterminal socket in order to force a second process instance
blacklist /tmp/.lxterminal-socket*
|