Skip to content

Commit

Permalink
profiles: blink-common-hardened: fix u2f
Browse files Browse the repository at this point in the history 
udev rules may set permissions in /dev/... to enable ordinary users to
access the hardware token.
This fix checks whether u2f is enabled in firejail.config in order to
keep this permission change inside the sandbox.
  • Loading branch information
@northboot
northboot committed Feb 25, 2025
1 parent a78cdcd commit 5bd98fa
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion etc/profile-a-l/blink-common-hardened.inc.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ include blink-common-hardened.inc.local

caps.drop all
nonewprivs
noroot
?BROWSER_DISABLE_U2F: noroot
protocol unix,inet,inet6,netlink
seccomp !chroot

Expand Down

0 comments on commit 5bd98fa

Please sign in to comment.