summaryrefslogtreecommitdiff
path: root/nonprism-testing/iceweasel-hardened-preferences/icewease-hardened
diff options
context:
space:
mode:
Diffstat (limited to 'nonprism-testing/iceweasel-hardened-preferences/icewease-hardened')
-rw-r--r--nonprism-testing/iceweasel-hardened-preferences/icewease-hardened23
1 files changed, 23 insertions, 0 deletions
diff --git a/nonprism-testing/iceweasel-hardened-preferences/icewease-hardened b/nonprism-testing/iceweasel-hardened-preferences/icewease-hardened
new file mode 100644
index 000000000..18602dfc4
--- /dev/null
+++ b/nonprism-testing/iceweasel-hardened-preferences/icewease-hardened
@@ -0,0 +1,23 @@
+#!/bin/sh
+##############################################
+# IceWeasel-Hardened Jail and Cleaner Script #
+##############################################
+echo "Closing any other instances of IceWeasel to avoid crashes..."
+pkill iceweasel
+wait
+echo "Copying Hardened Prefs..."
+cp /usr/lib/iceweasel/browser/defaults/preferences/iceweasel-branding.js /usr/lib/iceweasel/browser/defaults/preferences/firefox-branding.js
+wait
+echo "Waking the IceWeasel..."
+
+# Trap cleaner function for IceWeasel exit cleaning
+function finish {
+echo "Removing hardened preferences..."
+echo "" > /usr/lib/iceweasel/browser/defaults/preferences/firefox-branding.js
+ }
+
+## Firejail IceWeasel startup
+firejail --seccomp --noroot --nogroups --caps.drop=all --private-etc=/etc/user.js --private-bin=bash,sed,ls,cat,iceweasel --private-tmp --private-home=~/.mozilla --whitelist=~/Downloads /usr/bin/iceweasel --private-window
+
+## Exiting IceWeasel triggers the trap
+trap finish EXIT \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-26 05:08:40 +0000