diff options
author | Christoph Cullmann <cullmann@kde.org> | 2023-10-21 18:08:29 +0200 |
---|---|---|
committer | Christoph Cullmann <cullmann@kde.org> | 2023-10-21 18:08:29 +0200 |
commit | 4f2848ca3941268762e06ae0bcc227b73b7486a7 (patch) | |
tree | 9fc494a58bca5abba6b0483a26700128fefc02b3 | |
parent | 65b8beb6440912a04a8e5fcdb093613fadab4f75 (diff) |
try firejail again for browsers
-rw-r--r-- | common.nix | 15 |
1 files changed, 12 insertions, 3 deletions
@@ -204,7 +204,6 @@ in aspellDicts.en borgbackup btop - chromium clamav clinfo config.boot.kernelPackages.perf @@ -212,7 +211,6 @@ in fdupes file filelight - firefox gitFull glxinfo gptfdisk @@ -236,7 +234,18 @@ in zsh-powerlevel10k ]; - # we want global available browsers + # we want sandboxed browsers + programs.firejail.enable = true; + programs.firejail.wrappedBinaries = { + chromium = { + executable = "${pkgs.lib.getBin pkgs.chromium}/bin/chromium"; + profile = "${pkgs.firejail}/etc/firejail/chromium.profile"; + }; + firefox = { + executable = "${pkgs.lib.getBin pkgs.firefox}/bin/firefox"; + profile = "${pkgs.firejail}/etc/firejail/firefox.profile"; + }; + }; programs.chromium.enable = true; programs.firefox.enable = true; |