ghostwriter: hardening and private-bin improvements

glitsj16 2023-02-08 00:49:33 +00:00 committed by Kelvin M. Klann
parent 45a641deab
commit 358fce3edf


@ -21,10 +21,17 @@ include disable-programs.inc
include disable-shell.inc
include disable-xdg.inc
whitelist ${HOME}/.config/ghostwriter
whitelist ${HOME}/.local/share/ghostwriter
whitelist ${DOCUMENTS}
whitelist ${DOWNLOADS}
whitelist ${PICTURES}
whitelist /usr/share/ghostwriter
whitelist /usr/share/mathjax
whitelist /usr/share/mozilla-dicts
whitelist /usr/share/texlive
whitelist /usr/share/pandoc*
include whitelist-common.inc
include whitelist-runuser-common.inc
include whitelist-usr-share-common.inc
include whitelist-var-common.inc
@ -47,7 +54,7 @@ seccomp !chroot
seccomp.block-secondary
#tracelog -- breaks
private-bin context,gettext,ghostwriter,latex,mktexfmt,pandoc,pdflatex,pdfroff,prince,weasyprint,wkhtmltopdf
private-bin affixcompress,analyze,chmorph,cmark,context,gettext,ghostwriter,hunspell,hunzip,hzip,latex,makealias,mktexfmt,munch,multimarkdown,pandoc,pdflatex,pdfroff,prince,unmunch,weasyprint,wkhtmltopdf,wordforms,wordlist2hunspell
private-cache
private-dev
# passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed
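Review bot: The longer `private-bin` line (presumably the new side; the page has lost its +/- markers) adds the whole hunspell tool set, and several of those entries (`affixcompress`, `makealias`, `wordforms`, `wordlist2hunspell`) are, as far as I know, shell scripts. They could not run in this sandbox, because the profile includes `disable-shell.inc` and no interpreter is listed in `private-bin`. Editors normally do spell checking through the hunspell library rather than these command-line helpers, so it is worth confirming which entries ghostwriter actually executes and dropping the rest to keep the allow-list minimal. If they are kept deliberately, a comment above the line such as `# hunspell helpers are needed for <reason>` would record why. The profile continues outside the lines shown here, so this only covers the visible `private-bin` change.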