aboutsummaryrefslogtreecommitdiffstats
path: root/.config/firejail
diff options
context:
space:
mode:
authorkatherine <ageha@airen-no-jikken.icu>2019-07-11 04:56:56 -0700
committerkatherine <ageha@airen-no-jikken.icu>2019-07-11 04:56:56 -0700
commit40195ec4af1d1192ca6d1a9ef5aaacf002b87309 (patch)
tree0355e6e0e3b20b81f659d3f0730c7864ef3ee327 /.config/firejail
parent021b56a5abca3d78ee8e277cca6ded7219d55bed (diff)
downloaddotfiles-40195ec4af1d1192ca6d1a9ef5aaacf002b87309.tar.gz
miscellaneous
Diffstat (limited to '.config/firejail')
-rw-r--r--.config/firejail/firefox.profile46
1 files changed, 19 insertions, 27 deletions
diff --git a/.config/firejail/firefox.profile b/.config/firejail/firefox.profile
index 421a239..75b973e 100644
--- a/.config/firejail/firefox.profile
+++ b/.config/firejail/firefox.profile
@@ -1,37 +1,29 @@
-# Firejail profile for Mozilla Firefox (Iceweasel in Debian)
+# Firejail profile for firefox
+# Description: Safe and easy web browser from Mozilla
+# This file is overwritten after every install/update
+# Persistent local customizations
+include firefox.local
+# Persistent global definitions
+include globals.local
-noblacklist ~/.mozilla
-noblacklist ~/.cache/mozilla
-include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
-include /etc/firejail/disable-devel.inc
+noblacklist ${HOME}/.cache/mozilla
+noblacklist ${HOME}/.mozilla
-caps.drop all
-netfilter
-nonewprivs
-noroot
-protocol unix,inet,inet6,netlink
-seccomp
-tracelog
+mkdir ${HOME}/.cache/mozilla/firefox
+mkdir ${HOME}/.mozilla
+whitelist ${HOME}/.cache/mozilla/firefox
+whitelist ${HOME}/.mozilla
whitelist ~/desktop
whitelist ~/downloads
whitelist ~/images
whitelist ~/videos
whitelist ~/audio/clips
-mkdir ~/.mozilla
-whitelist ~/.mozilla
-mkdir ~/.cache
-mkdir ~/.cache/mozilla
-mkdir ~/.cache/mozilla/firefox
-whitelist ~/.cache/mozilla/firefox
-whitelist ~/dwhelper
-mkdir ~/.local
-mkdir ~/.local/share
-mkdir ~/.local/share/tridactyl
-whitelist ~/.local/share/tridactyl
-include /etc/firejail/whitelist-common.inc
+# firefox requires a shell to launch on Arch.
+#private-bin firefox,which,sh,dbus-launch,dbus-send,env,bash
+# private-etc must first be enabled in firefox-common.profile
+#private-etc firefox
-# experimental features
-#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
+# Redirect
+include firefox-common.profile