From 2b68d68ed733152f5fa433c94c19fb8fe152a715 Mon Sep 17 00:00:00 2001 From: jc_gargma Date: Sat, 14 Jan 2017 17:54:00 -0800 Subject: Updated firejail profile --- test/poi.profile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/poi.profile b/test/poi.profile index 573a5ea..9af4461 100644 --- a/test/poi.profile +++ b/test/poi.profile @@ -6,6 +6,7 @@ noblacklist ~/.local/share/smolbote include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-devel.inc whitelist ${DOWNLOADS} mkdir ~/.cache/smolbote @@ -13,8 +14,6 @@ whitelist ~/.cache/smolbote mkdir ~/.local/share/smolbote whitelist ~/.local/share/smolbote -#blacklist ${HOME}/.wine - ## caps.drop all - Removes the ability to call programs usually run only by root. Ex - chown, setuid caps.drop all @@ -47,4 +46,7 @@ private-etc nsswitch.conf,resolv.conf ## private-tmp - Creates a virtual /tmp directory to prevent the program from accessing the /tmp files from other programs. private-tmp +## tracelog - Log all viloations to syslog +tracelog + include /etc/firejail/whitelist-common.inc -- cgit v1.2.1