firefox profile fixes

README

@@ -18,6 +18,8 @@ License: GPL v2
 Firejail Authors:
 
 netblue30 (netblue30@yahoo.com)
+Matt Parnell (https://github.com/ilikenwf)
+	- whitelisting for core firefox related functionality
 Andrey Alekseenko (https://github.com/al42and)
 	- fixed Skype profile
 Ondra Nekola (https://github.com/satai)

README.md

@@ -55,14 +55,21 @@ include /etc/firejail/whitelist-common.inc
 `````
 /etc/firejail/whitelist-common.inc
 `````
+whitelist ~/.config/mimeapps.list (new in 0.9.35)
+whitelist ~/.icons (new in 0.9.35)
+
+# fonts
 whitelist ~/.fonts (0.9.34)
 whitelist ~/.fonts.d (0.9.34)
 whitelist ~/.fontconfig (0.9.34)
 whitelist ~/.fonts.conf (0.9.34)
 whitelist ~/.fonts.conf.d (0.9.34)
+
+# gtk
+whitelist ~/.gtkrc (new in 0.9.35)
 whitelist ~/.gtkrc-2.0 (0.9.34)
 whitelist ~/.config/gtk-3.0 (new in 0.9.35)
-whitelist ~/.themes/ (new in 0.9.35)
+whitelist ~/.themes (new in 0.9.35)
 `````
 If you are using a plugin or extension that requires other directories, please open a new issue: https://github.com/netblue30/firejail/issues
 

etc/firefox.profile

@@ -1,6 +1,5 @@
 # Firejail profile for Mozilla Firefox (Iceweasel in Debian)
 noblacklist ${HOME}/.mozilla
-noblacklist /usr/lib/firefox
 include /etc/firejail/disable-mgmt.inc
 include /etc/firejail/disable-secret.inc
 include /etc/firejail/disable-common.inc
@@ -10,11 +9,7 @@ seccomp
 protocol unix,inet,inet6,netlink
 netfilter
 noroot
-whitelist ~/.config/mimeapps.list
-whitelist ~/.gtkrc
-whitelist ~/.icons
 whitelist ~/.mozilla
-whitelist ~/.themes
 whitelist ~/Downloads
 whitelist ~/Загрузки
 whitelist ~/.cache/mozilla/firefox

etc/whitelist-common.inc

@@ -1,5 +1,8 @@
 # common whitelist for all profiles
 
+whitelist ~/.config/mimeapps.list
+whitelist ~/.icons
+
 # fonts
 whitelist ~/.fonts
 whitelist ~/.fonts.d
@@ -8,6 +11,7 @@ whitelist ~/.fonts.conf
 whitelist ~/.fonts.conf.d
 
 # gtk
+whitelist ~/.gtkrc
 whitelist ~/.gtkrc-2.0
 whitelist ~/.config/gtk-3.0
-whitelist ~/.themes/
+whitelist ~/.themes