github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-21 06:45:29 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 1

curl profile

Browse source
This commit is contained in:
netblue30 2017-06-15 20:53:29 -04:00
parent 05fbfe6389
commit 19c2c137bf
6 changed files with 45 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -63,3 +63,8 @@ Use this issue to request new profiles: https://github.com/netblue30/firejail/is
````` `````
# Current development version: 0.9.49 # Current development version: 0.9.49
## New profiles:
curl

1
RELNOTES
View file

@ -1,5 +1,6 @@
firejail (0.9.49) baseline; urgency=low firejail (0.9.49) baseline; urgency=low
* work in progress! * work in progress!
* new profiles: curl
* bugfixes * bugfixes
-- netblue30 <netblue30@yahoo.com> Mon, 12 Jun 2017 20:00:00 -0500 -- netblue30 <netblue30@yahoo.com> Mon, 12 Jun 2017 20:00:00 -0500

35
etc/curl.profile Normal file
View file

@ -0,0 +1,35 @@
quiet
# Persistent global definitions go here
include /etc/firejail/globals.local
# This file is overwritten during software install.
# Persistent customizations should go in a .local file.
include /etc/firejail/curl.local
# curl profile
noblacklist ~/.curlrc
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-passwdmgr.inc
caps.drop all
#ipc-namespace
netfilter
no3d
nogroups
nonewprivs
noroot
nosound
protocol unix,inet,inet6
seccomp
shell none
blacklist /tmp/.X11-unix
# private-bin curl
private-dev
# private-etc resolv.conf
private-tmp
noexec ${HOME}
noexec /tmp

2
etc/disable-programs.inc
View file

@ -170,6 +170,7 @@ blacklist ${HOME}/.config/xviewer
blacklist ${HOME}/.config/zathura blacklist ${HOME}/.config/zathura
blacklist ${HOME}/.config/zoomus.conf blacklist ${HOME}/.config/zoomus.conf
blacklist ${HOME}/.conkeror.mozdev.org blacklist ${HOME}/.conkeror.mozdev.org
blacklist ${HOME}/.curlrc
blacklist ${HOME}/.dia blacklist ${HOME}/.dia
blacklist ${HOME}/.dillo blacklist ${HOME}/.dillo
blacklist ${HOME}/.dosbox blacklist ${HOME}/.dosbox
@ -339,6 +340,7 @@ blacklist ${HOME}/.vst
blacklist ${HOME}/.w3m blacklist ${HOME}/.w3m
blacklist ${HOME}/.warzone2100-3.* blacklist ${HOME}/.warzone2100-3.*
blacklist ${HOME}/.weechat blacklist ${HOME}/.weechat
blacklist ${HOME}/.wgetrc
blacklist ${HOME}/.wine blacklist ${HOME}/.wine
blacklist ${HOME}/.wine64 blacklist ${HOME}/.wine64
blacklist ${HOME}/.xiphos blacklist ${HOME}/.xiphos

1
etc/wget.profile
View file

@ -7,6 +7,7 @@ include /etc/firejail/globals.local
include /etc/firejail/wget.local include /etc/firejail/wget.local
# wget profile # wget profile
noblacklist ~/.wgetrc
include /etc/firejail/disable-common.inc include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-passwdmgr.inc

1
platform/debian/conffiles
View file

@ -307,3 +307,4 @@
/etc/firejail/darktable.profile /etc/firejail/darktable.profile
/etc/firejail/waterfox.profile /etc/firejail/waterfox.profile
/etc/firejail/handbrake.profile /etc/firejail/handbrake.profile
/etc/firejail/curl.profile