configs: tigher policy for firefox

2017-05-28 02:55:50 +02:00 · 2017-05-28 02:55:50 +02:00 · f0eb0b3dbf
commit f0eb0b3dbf
parent 37c2875e2e
1 changed files with 9 additions and 9 deletions
--- a/configs/firefox-with-net.cfg
+++ b/configs/firefox-with-net.cfg
@ -49,14 +49,8 @@ mount {
 }

 mount {
-	src: "/sbin"
-	dst: "/sbin"
-	is_bind: true
-}
-
-mount {
-	src: "/usr"
-	dst: "/usr"
+	src: "/usr/lib"
+	dst: "/usr/lib"
 	is_bind: true
 }

@ -80,6 +74,12 @@ mount {
 	is_bind: true
 }

+mount {
+	src: "/usr/share"
+	dst: "/usr/share"
+	is_bind: true
+}
+
 mount {
 	src: "/dev/urandom"
 	dst: "/dev/urandom"
@ -150,5 +150,5 @@ seccomp_string: "
 "

 exec_bin {
-        path: "/usr/bin/firefox"
+        path: "/usr/lib/firefox/firefox"
 }