mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-21 06:45:29 -06:00
harden redeclipse
This commit is contained in:
rusty-snake
parent
8f23b47309
commit
7c21aad234
1 changed files with 9 additions and 0 deletions
|
|
@ -14,10 +14,14 @@ include disable-exec.inc
|
|||
include disable-interpreters.inc
|
||||
include disable-passwdmgr.inc
|
||||
include disable-programs.inc
|
||||
include disable-xdg.inc
|
||||
|
||||
mkdir ${HOME}/.redeclipse
|
||||
whitelist ${HOME}/.redeclipse
|
||||
whitelist /usr/share/redeclipse
|
||||
include whitelist-common.inc
|
||||
include whitelist-runuser-common.inc
|
||||
include whitelist-usr-share-common.inc
|
||||
include whitelist-var-common.inc
|
||||
|
||||
caps.drop all
|
||||
|
|
@ -32,8 +36,13 @@ novideo
|
|||
protocol unix,inet,inet6
|
||||
seccomp
|
||||
shell none
|
||||
tracelog
|
||||
|
||||
disable-mnt
|
||||
#private-bin redeclipse,sh,man
|
||||
private-cache
|
||||
private-dev
|
||||
private-tmp
|
||||
|
||||
dbus-user none
|
||||
dbus-system none
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue