summaryrefslogtreecommitdiff
path: root/nonprism
diff options
context:
space:
mode:
authorGaming4JC <g4jc@openmailbox.org>2017-10-29 19:04:35 -0400
committerGaming4JC <g4jc@openmailbox.org>2017-10-29 19:04:35 -0400
commit924fffd8874acf186e32647f8c164e84a8d21188 (patch)
tree8b67c688cf606e0b8e5b82db6b38903037b2f186 /nonprism
parent5a55e2396c4f9b579c2cfac11daadd6a5d1675a3 (diff)
iceweasel-hardened-preferences: bump to version 1.0
Iceweasel-Hardened-Preferences v1.0. * Disable SHIELD surveys * Prevent Time-Zone leaks
Diffstat (limited to 'nonprism')
-rw-r--r--nonprism/iceweasel-hardened-preferences/PKGBUILD10
-rw-r--r--nonprism/iceweasel-hardened-preferences/iceweasel-branding.js10
-rwxr-xr-xnonprism/iceweasel-hardened-preferences/iceweasel-hardened.sh2
3 files changed, 16 insertions, 6 deletions
diff --git a/nonprism/iceweasel-hardened-preferences/PKGBUILD b/nonprism/iceweasel-hardened-preferences/PKGBUILD
index 2f1518faa..3c278d1df 100644
--- a/nonprism/iceweasel-hardened-preferences/PKGBUILD
+++ b/nonprism/iceweasel-hardened-preferences/PKGBUILD
@@ -2,7 +2,7 @@
# Contributor: André Silva <emulatorman@hyperbola.info>
pkgname=iceweasel-hardened-preferences
-pkgver=0.9
+pkgver=1.0
pkgrel=1
pkgdesc="Hardened preferences script which runs Iceweasel to protect from a variety of privacy, security, and fingerprinting attacks."
arch=(any)
@@ -20,12 +20,12 @@ source=('firefox-branding.js'
'iceweasel-branding.js'
'iceweasel-hardened.install')
sha512sums=('cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e'
- 'd542452fa1d619d22e9c9b6e4af58d7310abdc5c81d871a1abbddb0087c53913c8a244af2b7be416a2c439383afc2480c439078ebde0ccac518300d9027b4800'
- '44d00e7ad136f0b6e00f428c392a9ce36ed7c8c1b1c6a2fe7dacb8da3aa4c61660ceadeb5db8d0b22c5d878607b4e57d8feca633fd8f25c0526992ec13fe0d25'
+ '14cbcb503e30143b9411723dcd361fdc3eea31b76e5678cec1c26e99d6e6cbfa5e4c9350e43408e2f80903ae451ac481373ed25bbbf3afa8eefdef5597815cb6'
+ 'f0062cf0b353cff37817154e256279e1cd1de90b9515385571964540ae3a1c1c309418fddfab1742b5b02819af1b96ab8b0c44c27cf5ef346d5495fa3af46ec8'
'e9baa13d50195ff5be507093c45c00bb06a77c9e633ac183ec2fd74eebb11bfc07bde334fe4455b763e8700cde146ae223578ebd8d13066739220502b6eebff6')
whirlpoolsums=('19fa61d75522a4669b44e39c1d2e1726c530232130d407f89afee0964997f7a73e83be698b288febcf88e3e03c4f0757ea8964e59b63d93708b138cc42a66eb3'
- 'f7cb38e58f644ddeae9f931c290ae1d96e54d0a8937171f2ebad498b65b87f2115cbd0a0f2a55e12dceba7a387e70fd2432678010a87975f8322c9c27b41efd2'
- 'b56b26803f887be6d34958f736a8d3f6fd68fdffcf3b630a844f506a7b301b08c60c9772a77fb7db8adf76024d175325e5cbcb9b619979ba81de26e316150114'
+ '69e24af0b814c2fda677799b40c31063619004ea8ebd8969d904dbb010c7f193c7d4375d1d9a55f53d61bddbe23de1e0ad6776d98740ad65d881d1b2a5b436ef'
+ '59f05648c6340f6a58bd2d9a65da7e04a7c0ad4e0869f51425f660f2945e7c42baccac48649941a6267b90d1777ecd5b49a068507221a084cfdaca1c3f2b0e6'
'44b57bbbf8f00ffee11afc84f5ea3daedc39e59da3ee91e337c1eaad24c014caf5680eb250e25a3e046db9caaf6829c3b667693de9f040d8864be34b96300bb9')
package() {
diff --git a/nonprism/iceweasel-hardened-preferences/iceweasel-branding.js b/nonprism/iceweasel-hardened-preferences/iceweasel-branding.js
index 2b12d8958..399cfda50 100644
--- a/nonprism/iceweasel-hardened-preferences/iceweasel-branding.js
+++ b/nonprism/iceweasel-hardened-preferences/iceweasel-branding.js
@@ -936,6 +936,8 @@ user_pref("network.protocol-handler.external.ftp", false);
user_pref("network.protocol-handler.external.file", false);
user_pref("network.protocol-handler.external.about", false);
user_pref("network.protocol-handler.external.chrome", false);
+user_pref("network.protocol-handler.external.blob", false);
+user_pref("network.protocol-handler.external.data", false);
user_pref("network.protocol-handler.expose-all", false);
user_pref("network.protocol-handler.expose.http", true);
user_pref("network.protocol-handler.expose.https", true);
@@ -945,6 +947,8 @@ user_pref("network.protocol-handler.expose.ftp", true);
user_pref("network.protocol-handler.expose.file", true);
user_pref("network.protocol-handler.expose.about", true);
user_pref("network.protocol-handler.expose.chrome", true);
+user_pref("network.protocol-handler.expose.blob", true);
+user_pref("network.protocol-handler.expose.data", true);
/******************************************************************************
* SECTION: Extensions / plugins *
@@ -1321,6 +1325,12 @@ pref("services.sync.jpake.serverURL", "about:blank");
pref("services.sync.log.appender.file.logOnError", false);
pref("services.sync.ui.hidden", true);
+// PREF: Disable SHIELD
+// https://support.mozilla.org/en-US/kb/shield
+// https://bugzilla.mozilla.org/show_bug.cgi?id=1370801
+user_pref("extensions.shield-recipe-client.enabled", false);
+user_pref("app.shield.optoutstudies.enabled", false);
+
/******************************************************************************
* SECTION: Automatic connections *
******************************************************************************/
diff --git a/nonprism/iceweasel-hardened-preferences/iceweasel-hardened.sh b/nonprism/iceweasel-hardened-preferences/iceweasel-hardened.sh
index b01df4122..e9e1bfaf1 100755
--- a/nonprism/iceweasel-hardened-preferences/iceweasel-hardened.sh
+++ b/nonprism/iceweasel-hardened-preferences/iceweasel-hardened.sh
@@ -18,7 +18,7 @@ echo "" > /usr/lib/iceweasel/browser/defaults/preferences/firefox-branding.js
}
## Firejail Iceweasel startup
-/usr/bin/firejail --profile=/etc/firejail/firefox.profile --noroot --nogroups --caps.drop=all --private-etc=nsswitch.conf,resolv.conf --private-bin=bash,iceweasel --private-tmp --private-dev /usr/bin/iceweasel --private-window
+TZ="UTC" /usr/bin/firejail --profile=/etc/firejail/firefox.profile --noroot --nogroups --caps.drop=all --private-etc=nsswitch.conf,resolv.conf --private-bin=bash,iceweasel --private-tmp --private-dev /usr/bin/iceweasel --private-window -no-remote
## Exiting Iceweasel triggers the trap
trap finish EXIT \ No newline at end of file