diff options
author | Gaming4JC <g4jc@openmailbox.org> | 2016-11-24 01:19:18 -0500 |
---|---|---|
committer | Gaming4JC <g4jc@openmailbox.org> | 2016-11-24 01:19:18 -0500 |
commit | 96352a48289236dd6523f6ad55ff471b8bc3b12e (patch) | |
tree | c03130748ba2f3658c917168348a481556d0aa92 /nonprism-testing/icedove-hardened-preferences/icedove-hardened.sh | |
parent | 54c94a19f33358b42218c0a4c1deb8303c0eb080 (diff) | |
download | abslibre-96352a48289236dd6523f6ad55ff471b8bc3b12e.tar.gz abslibre-96352a48289236dd6523f6ad55ff471b8bc3b12e.tar.bz2 abslibre-96352a48289236dd6523f6ad55ff471b8bc3b12e.zip |
icedove hardening script
Diffstat (limited to 'nonprism-testing/icedove-hardened-preferences/icedove-hardened.sh')
-rwxr-xr-x | nonprism-testing/icedove-hardened-preferences/icedove-hardened.sh | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/nonprism-testing/icedove-hardened-preferences/icedove-hardened.sh b/nonprism-testing/icedove-hardened-preferences/icedove-hardened.sh new file mode 100755 index 000000000..86c31935a --- /dev/null +++ b/nonprism-testing/icedove-hardened-preferences/icedove-hardened.sh @@ -0,0 +1,24 @@ +#!/bin/sh + +############################################## +# IceDove-Hardened Jail and Cleaner Script # +############################################## +echo "Closing any other instances of IceDove to avoid crashes..." +pkill -x icedove +wait +echo "Copying Hardened Prefs..." +cp /usr/lib/icedove/browser/defaults/preferences/icedove-branding.js /usr/lib/icedove/browser/defaults/preferences/thunderbird-branding.js +wait +echo "Waking the IceDove..." + +# Trap cleaner function for IceDove exit cleaning +function finish { +echo "Removing hardened preferences..." +echo "" > /usr/lib/icedove/browser/defaults/preferences/thunderbird-branding.js + } + +## Firejail IceDove startup +/usr/bin/firejail --profile=/etc/icedove.profile --noroot --nogroups --caps.drop=all --private-etc=/etc --private-bin=bash,sed,ls,cat,icedove --private-tmp /usr/bin/icedove + +## Exiting IceDove triggers the trap +trap finish EXIT
\ No newline at end of file |