diff options
Diffstat (limited to '.config/firejail/newsboat.profile')
-rw-r--r-- | .config/firejail/newsboat.profile | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/.config/firejail/newsboat.profile b/.config/firejail/newsboat.profile index 0de5928..ebdc76e 100644 --- a/.config/firejail/newsboat.profile +++ b/.config/firejail/newsboat.profile | |||
@@ -24,6 +24,16 @@ include whitelist-common.inc | |||
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
27 | # Access to GPG for encrypting/decrypting/signing mail and passwords with pass | ||
28 | noblacklist ${HOME}/.gnupg | ||
29 | whitelist ${HOME}/.gnupg | ||
30 | noblacklist ${RUNUSER}/gnupg | ||
31 | |||
32 | # This assumes you keep mail account passwords under a separate directory named mail | ||
33 | # This to avoid exposing all passwords to the sandbox, only necessary ones | ||
34 | noblacklist ${HOME}/.local/share/password-store | ||
35 | whitelist ${HOME}/.local/share/password-store/homelab/freshrss | ||
36 | |||
27 | caps.drop all | 37 | caps.drop all |
28 | ipc-namespace | 38 | ipc-namespace |
29 | netfilter | 39 | netfilter |