diff options
| author | katherine <shmibs@shmibbles.me> | 2016-01-01 18:26:19 -0700 |
|---|---|---|
| committer | katherine <shmibs@shmibbles.me> | 2016-01-01 18:26:19 -0700 |
| commit | 1bc8aa010a86ddd608f4d039dfb9559b04cf1357 (patch) | |
| tree | 03e29ac394b767dc18533bab684d89f9b3e652e4 | |
| parent | 894f5be9a47c6b42b0b4bf7e77f797a8dc643c03 (diff) | |
| download | dotfiles-1bc8aa010a86ddd608f4d039dfb9559b04cf1357.tar.gz | |
firefox dir access
| -rw-r--r-- | .config/firejail/firefox.profile | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/.config/firejail/firefox.profile b/.config/firejail/firefox.profile new file mode 100644 index 0000000..77b708a --- /dev/null +++ b/.config/firejail/firefox.profile @@ -0,0 +1,39 @@ +# Firejail profile for Mozilla Firefox (Iceweasel in Debian) +noblacklist ${HOME}/.mozilla +noblacklist ${HOME}/desktop +noblacklist ${HOME}/downloads +noblacklist ${HOME}/images +noblacklist ${HOME}/videos/web +include /etc/firejail/disable-mgmt.inc +include /etc/firejail/disable-secret.inc +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +blacklist ${PATH}/udevil +caps.drop all +seccomp +protocol unix,inet,inet6,netlink +netfilter +tracelog +noroot +whitelist ~/desktop +whitelist ~/downloads +whitelist ~/images +whitelist ~/videos/web +whitelist ~/.mozilla +whitelist ~/.cache/mozilla/firefox +whitelist ~/dwhelper +whitelist ~/.zotero +whitelist ~/.lastpass +whitelist ~/.vimperatorrc +whitelist ~/.vimperator +whitelist ~/.pentadactylrc +whitelist ~/.pentadactyl +whitelist ~/.keysnail.js +whitelist ~/.config/gnome-mplayer +whitelist ~/.cache/gnome-mplayer/plugin +include /etc/firejail/whitelist-common.inc + +# experimental features +#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse + + |