From b18677aa7c8a2e2bedc09769ebb984eddefadf0f Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Wed, 27 Sep 2023 06:06:41 +0000
Subject: [PATCH] profile.template: update private-opt instructions

---
 etc/templates/profile.template | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/etc/templates/profile.template b/etc/templates/profile.template
index eec020bb595..29f9839f272 100644
--- a/etc/templates/profile.template
+++ b/etc/templates/profile.template
@@ -196,10 +196,14 @@ include globals.local
 #    Extra: gai.conf,proxychains.conf
 #  Qt: Trolltech.conf
 ##private-lib LIBS
-## private-opt breaks file-copy-limit, use a whitelist instead of draining RAM
+## private-opt can break file-copy-limit (500MB)
 ## https://github.com/netblue30/firejail/discussions/5307
+## for sizeable apps:
+## - never use 'private-opt NAME'
+## - place 'whitelist /opt/NAME' in the whitelist section above
+## for acceptable apps:
 ##private-opt NAME
-##whitelist /opt/NAME
+## - place 'whitelist /opt/NAME' in the whitelist section above
 #private-tmp
 ##writable-etc
 ##writable-run-user