summaryrefslogtreecommitdiff
path: root/nonprism-testing/iceweasel-hardened-preferences/ice.weasel-hardened.sh
diff options
context:
space:
mode:
Diffstat (limited to 'nonprism-testing/iceweasel-hardened-preferences/ice.weasel-hardened.sh')
-rwxr-xr-xnonprism-testing/iceweasel-hardened-preferences/ice.weasel-hardened.sh24
1 files changed, 24 insertions, 0 deletions
diff --git a/nonprism-testing/iceweasel-hardened-preferences/ice.weasel-hardened.sh b/nonprism-testing/iceweasel-hardened-preferences/ice.weasel-hardened.sh
new file mode 100755
index 000000000..2808c6cb4
--- /dev/null
+++ b/nonprism-testing/iceweasel-hardened-preferences/ice.weasel-hardened.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+##############################################
+# IceWeasel-Hardened Jail and Cleaner Script #
+##############################################
+echo "Closing any other instances of IceWeasel to avoid crashes..."
+pkill iceweasel
+wait
+echo "Copying Hardened Prefs..."
+cp /usr/lib/iceweasel/browser/defaults/preferences/iceweasel-branding.js /usr/lib/iceweasel/browser/defaults/preferences/firefox-branding.js
+wait
+echo "Waking the IceWeasel..."
+
+# Trap cleaner function for IceWeasel exit cleaning
+function finish {
+echo "Removing hardened preferences..."
+echo "" > /usr/lib/iceweasel/browser/defaults/preferences/firefox-branding.js
+ }
+
+## Firejail IceWeasel startup
+/usr/bin/firejail --seccomp --noroot --nogroups --caps.drop=all --private-etc=/etc/user.js --private-bin=bash,sed,ls,cat,iceweasel --private-tmp --private-home=~/.mozilla --whitelist=~/Downloads /usr/bin/iceweasel --private-window
+
+## Exiting IceWeasel triggers the trap
+trap finish EXIT \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-01 23:57:20 +0000