From 12ce8bdd65d3b5fcd6e8227eaecd5f772a90f8da Mon Sep 17 00:00:00 2001 From: Sam Chudnick Date: Sun, 11 Jun 2023 08:00:24 -0400 Subject: Configuration file updates and additions. --- .config/firejail/newsboat.profile | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to '.config/firejail/newsboat.profile') diff --git a/.config/firejail/newsboat.profile b/.config/firejail/newsboat.profile index 0de5928..ebdc76e 100644 --- a/.config/firejail/newsboat.profile +++ b/.config/firejail/newsboat.profile @@ -24,6 +24,16 @@ include whitelist-common.inc include whitelist-runuser-common.inc include whitelist-var-common.inc +# Access to GPG for encrypting/decrypting/signing mail and passwords with pass +noblacklist ${HOME}/.gnupg +whitelist ${HOME}/.gnupg +noblacklist ${RUNUSER}/gnupg + +# This assumes you keep mail account passwords under a separate directory named mail +# This to avoid exposing all passwords to the sandbox, only necessary ones +noblacklist ${HOME}/.local/share/password-store +whitelist ${HOME}/.local/share/password-store/homelab/freshrss + caps.drop all ipc-namespace netfilter -- cgit v1.2.3