Harden qutebrowser

glitsj16 2022-10-03 18:32:54 +00:00 committed by GitHub
parent f2ba0b4a22
commit 669c18c606
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -10,6 +10,9 @@ noblacklist ${HOME}/.cache/qutebrowser
noblacklist ${HOME}/.config/qutebrowser
noblacklist ${HOME}/.local/share/qutebrowser
# Allow /bin/sh (blacklisted by disable-shell.inc)
include allow-bin-sh.inc
# Allow python (blacklisted by disable-interpreters.inc)
include allow-python2.inc
include allow-python3.inc
@ -19,6 +22,7 @@ include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-shell.inc
mkdir ${HOME}/.cache/qutebrowser
mkdir ${HOME}/.config/qutebrowser
@ -27,7 +31,12 @@ whitelist ${DOWNLOADS}
whitelist ${HOME}/.cache/qutebrowser
whitelist ${HOME}/.config/qutebrowser
whitelist ${HOME}/.local/share/qutebrowser
whitelist /usr/share/qtbrowser
include whitelist-common.inc
include whitelist-run-common.inc
include whitelist-runuser-common.inc
include whitelist-usr-share-common.inc
include whitelist-var-common.inc
apparmor
caps.drop all
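Review bot: The path in `whitelist /usr/share/qtbrowser` in the third hunk does not match the `qutebrowser` spelling used by every other path in this profile, so it looks like a typo. Because the same hunk lists `include whitelist-usr-share-common.inc`, /usr/share is presumably reduced to whitelisted entries, and a misspelled entry would leave the application's own data directory hidden inside the sandbox rather than widen access. If the directory is meant to be the application's, the line should read `whitelist /usr/share/qutebrowser`. Which lines are additions is inferred from the hunk counts, since the +/- markers are not shown on this page.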