From 12ce8bdd65d3b5fcd6e8227eaecd5f772a90f8da Mon Sep 17 00:00:00 2001 From: Sam Chudnick Date: Sun, 11 Jun 2023 08:00:24 -0400 Subject: Configuration file updates and additions. --- .config/firejail/neomutt.profile | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to '.config/firejail/neomutt.profile') diff --git a/.config/firejail/neomutt.profile b/.config/firejail/neomutt.profile index 0a43c6f..0934bd1 100644 --- a/.config/firejail/neomutt.profile +++ b/.config/firejail/neomutt.profile @@ -16,6 +16,7 @@ whitelist ${HOME}/.mbsyncrc whitelist ${HOME}/.config/mbsync whitelist ${HOME}/.config/msmtp whitelist ${HOME}/.w3m +whitelist ${HOME}/attachments noblacklist ${HOME}/.Mail noblacklist ${HOME}/.cache/mutt @@ -31,22 +32,25 @@ noblacklist ${HOME}/.mbsyncrc noblacklist ${HOME}/.config/mbsync noblacklist ${HOME}/.config/msmtp noblacklist ${HOME}/.w3m +whitelist ${HOME}/attachments # Access to GPG for encrypting/decrypting/signing mail and passwords with pass -whitelist ${HOME}/.gnupg noblacklist ${HOME}/.gnupg -whitelist ${RUNUSER}/gnupg +whitelist ${HOME}/.gnupg +noblacklist ${RUNUSER}/gnupg # This assumes you keep mail account passwords under a separate directory named mail # This to avoid exposing all passwords to the sandbox, only necessary ones +noblacklist ${HOME}/.local/share/password-store whitelist ${HOME}/.local/share/password-store/mail -noblacklist ${HOME}/.local/share/password-store/mail # abook whitelist ${HOME}/.config/abook whitelist ${HOME}/.local/share/abook +# Breaks GPG when enabled #include whitelist-runuser-common.inc + writable-run-user blacklist /tmp/.X11-unix blacklist ${RUNUSER}/wayland-* -- cgit v1.2.3