Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# Firejail profile for otter-browser
# Description: Lightweight web browser based on Qt WebEngine
# This file is overwritten after every install/update
# Persistent local customizations
include otter-browser.local
# Persistent global definitions
include globals.local
#noblacklist ${HOME}/.cache/falkon
#noblacklist ${HOME}/.config/falkon
noblacklist ~/.config/otter
noblacklist ~/.cache/Otter
include disable-common.inc
include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-passwdmgr.inc
include disable-programs.inc
mkdir ${HOME}/.cache/Otter
mkdir ${HOME}/.config/otter
whitelist ${DOWNLOADS}
whitelist ${HOME}/.cache/Otter
whitelist ${HOME}/.config/otter
include whitelist-common.inc
include whitelist-var-common.inc
caps.drop all
netfilter
nodvd
nogroups
nonewprivs
noroot
notv
nou2f
protocol unix,inet,inet6,netlink
# blacklisting of chroot system calls breaks falkon
seccomp !chroot
#seccomp
# tracelog
nodbus
private-dev
# private-etc alternatives,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,adobe,mime.types,mailcap,asound.conf,pulse,machine-id,ca-certificates,ssl,pki,crypto-policies
# private-tmp - interferes with the opening of downloaded files
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.