configs: tigher policy for firefox
This commit is contained in:
parent
37c2875e2e
commit
f0eb0b3dbf
@ -49,14 +49,8 @@ mount {
|
||||
}
|
||||
|
||||
mount {
|
||||
src: "/sbin"
|
||||
dst: "/sbin"
|
||||
is_bind: true
|
||||
}
|
||||
|
||||
mount {
|
||||
src: "/usr"
|
||||
dst: "/usr"
|
||||
src: "/usr/lib"
|
||||
dst: "/usr/lib"
|
||||
is_bind: true
|
||||
}
|
||||
|
||||
@ -80,6 +74,12 @@ mount {
|
||||
is_bind: true
|
||||
}
|
||||
|
||||
mount {
|
||||
src: "/usr/share"
|
||||
dst: "/usr/share"
|
||||
is_bind: true
|
||||
}
|
||||
|
||||
mount {
|
||||
src: "/dev/urandom"
|
||||
dst: "/dev/urandom"
|
||||
@ -150,5 +150,5 @@ seccomp_string: "
|
||||
"
|
||||
|
||||
exec_bin {
|
||||
path: "/usr/bin/firefox"
|
||||
path: "/usr/lib/firefox/firefox"
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user