From 1bc8aa010a86ddd608f4d039dfb9559b04cf1357 Mon Sep 17 00:00:00 2001 From: katherine Date: Fri, 1 Jan 2016 18:26:19 -0700 Subject: firefox dir access --- .config/firejail/firefox.profile | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 .config/firejail/firefox.profile (limited to '.config/firejail/firefox.profile') diff --git a/.config/firejail/firefox.profile b/.config/firejail/firefox.profile new file mode 100644 index 0000000..77b708a --- /dev/null +++ b/.config/firejail/firefox.profile @@ -0,0 +1,39 @@ +# Firejail profile for Mozilla Firefox (Iceweasel in Debian) +noblacklist ${HOME}/.mozilla +noblacklist ${HOME}/desktop +noblacklist ${HOME}/downloads +noblacklist ${HOME}/images +noblacklist ${HOME}/videos/web +include /etc/firejail/disable-mgmt.inc +include /etc/firejail/disable-secret.inc +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +blacklist ${PATH}/udevil +caps.drop all +seccomp +protocol unix,inet,inet6,netlink +netfilter +tracelog +noroot +whitelist ~/desktop +whitelist ~/downloads +whitelist ~/images +whitelist ~/videos/web +whitelist ~/.mozilla +whitelist ~/.cache/mozilla/firefox +whitelist ~/dwhelper +whitelist ~/.zotero +whitelist ~/.lastpass +whitelist ~/.vimperatorrc +whitelist ~/.vimperator +whitelist ~/.pentadactylrc +whitelist ~/.pentadactyl +whitelist ~/.keysnail.js +whitelist ~/.config/gnome-mplayer +whitelist ~/.cache/gnome-mplayer/plugin +include /etc/firejail/whitelist-common.inc + +# experimental features +#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse + + -- cgit v1.2.3