Add custom firejail for surf - dotfiles - configuration files for shell, text editor, graphical environment, etc.

commit bddc1627011e72d3f233a7b0dd8da0ee8122b540
parent bfd696e710b9c0984dc7385364678d9b832408fa
Author: Anders Damsgaard <anders@adamsgaard.dk>
Date:   Sat, 16 Mar 2019 14:05:09 +0100

Add custom firejail for surf

Diffstat:
A links/.config/firejail/surf.config  | 37 +++++++++++++++++++++++++++++++++++++

1 file changed, 37 insertions(+), 0 deletions(-)
diff --git a/links/.config/firejail/surf.config b/links/.config/firejail/surf.config
@@ -0,0 +1,37 @@
+# Firejail profile for surf
+# Persistent local customizations
+include surf.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.surf
+
+include disable-common.inc
+include disable-devel.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+
+mkdir ${HOME}/.surf
+whitelist ${HOME}/tmp
+include whitelist-common.inc
+
+caps.drop all
+netfilter
+nodvd
+nonewprivs
+noroot
+notv
+nou2f
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin ls,surf,sh,bash,curl,dmenu,printf,sed,sleep,st,stterm,xargs,xprop
+private-dev
+private-etc passwd,group,hosts,resolv.conf,fonts,ssl,pki,ca-certificates,crypto-policies
+private-tmp
+
+noexec ${HOME}
+noexec /tmp

	dotfiles configuration files for shell, text editor, graphical environment, etc.
	git clone git://src.adamsgaard.dk/dotfiles
	Log \| Files \| Refs \| README \| LICENSE	Back to index