diff options
author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2021-06-23 01:14:34 -0700 |
---|---|---|
committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2021-06-23 01:14:34 -0700 |
commit | bc8d91400256b6d0739c50097f1564d1598310a4 (patch) | |
tree | 93554f7223fc03c4edef955a69ded013cb059278 /profiles/amfora.profile | |
parent | Add profiles for stellaris, cataclysm-bn, cataclysm-bn-tiles, amfora (diff) | |
download | firejail-profiles-bc8d91400256b6d0739c50097f1564d1598310a4.tar.xz |
Add kristall profile
Update amfora profile
Diffstat (limited to 'profiles/amfora.profile')
-rw-r--r-- | profiles/amfora.profile | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/profiles/amfora.profile b/profiles/amfora.profile index d4d6fa8..fcbeb82 100644 --- a/profiles/amfora.profile +++ b/profiles/amfora.profile @@ -13,14 +13,6 @@ noblacklist ${HOME}/.local/share/amfora blacklist /tmp/.X11-unix blacklist ${RUNUSER}/wayland-* -mkdir ${HOME}/.config/amfora -whitelist ${HOME}/.config/amfora -mkdir ${HOME}/.local/share/amfora -whitelist ${HOME}/.local/share/amfora - - -include allow-perl.inc - include disable-common.inc include disable-devel.inc include disable-interpreters.inc @@ -28,9 +20,15 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.config/amfora +mkdir ${HOME}/.local/share/amfora + +whitelist ${HOME}/.config/amfora +whitelist ${HOME}/.local/share/amfora include whitelist-runuser-common.inc caps.drop all +machine-id netfilter no3d nodvd @@ -46,11 +44,18 @@ seccomp shell none tracelog +disable-mnt private-bin amfora private-cache private-dev -private-etc alternatives,ca-certificates,crypto-policies,pki,resolv.conf,ssl +private-etc ca-certificates,resolv.conf,ssl private-tmp +dbus-user none +dbus-system none + +noexec ${HOME} +noexec /tmp + # # Use with hardened-malloc package env LD_PRELOAD=/usr/lib/libhardened_malloc.so |