diff options
author | netblue30 <netblue30@yahoo.com> | 2019-04-12 11:53:09 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2019-04-12 11:53:09 -0400 |
commit | b9c8a94590985666cf1b2187565024fed364aba6 (patch) | |
tree | dbb89dae00a8b708788872496b77cc67e47671e6 | |
parent | Merge branch 'master' of github.com:netblue30/firejail (diff) | |
download | firejail-b9c8a94590985666cf1b2187565024fed364aba6.tar.gz firejail-b9c8a94590985666cf1b2187565024fed364aba6.tar.zst firejail-b9c8a94590985666cf1b2187565024fed364aba6.zip |
adding disable-exec.inc to the remaining profiles
162 files changed, 165 insertions, 326 deletions
@@ -38,10 +38,12 @@ Committers | |||
38 | - glitsj16 (https://github.com/glitsj16) | 38 | - glitsj16 (https://github.com/glitsj16) |
39 | - Fred-Barclay (https://github.com/Fred-Barclay) | 39 | - Fred-Barclay (https://github.com/Fred-Barclay) |
40 | - Reiner Herrmann (https://github.com/reinerh - Debian/Ubuntu maintainer) | 40 | - Reiner Herrmann (https://github.com/reinerh - Debian/Ubuntu maintainer) |
41 | - rusty-snake (https://github.com/rusty-snake) | ||
41 | - smithsohu (https://github.com/smitsohu) | 42 | - smithsohu (https://github.com/smitsohu) |
42 | - SkewedZeppelin (https://github.com/SkewedZeppelin) | 43 | - SkewedZeppelin (https://github.com/SkewedZeppelin) |
43 | - startx2017 (https://github.com/startx2017) - LTS and *bugfixes branches maintainer) | 44 | - startx2017 (https://github.com/startx2017) - LTS and *bugfixes branches maintainer) |
44 | - Topi Miettinen (https://github.com/topimiettinen) | 45 | - Topi Miettinen (https://github.com/topimiettinen) |
46 | - veloute (https://github.com/veloute) | ||
45 | - Vincent43 (https://github.com/Vincent43) | 47 | - Vincent43 (https://github.com/Vincent43) |
46 | - netblue30 (netblue30@yahoo.com) | 48 | - netblue30 (netblue30@yahoo.com) |
47 | 49 | ||
diff --git a/etc/Fritzing.profile b/etc/Fritzing.profile index 55fb7bae7..d318da885 100644 --- a/etc/Fritzing.profile +++ b/etc/Fritzing.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -36,5 +37,3 @@ shell none | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/JDownloader.profile b/etc/JDownloader.profile index 2803ebe07..d1bd5c9b2 100644 --- a/etc/JDownloader.profile +++ b/etc/JDownloader.profile | |||
@@ -16,6 +16,7 @@ noblacklist /usr/share/java | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 22 | include disable-programs.inc |
@@ -48,5 +49,3 @@ private-cache | |||
48 | private-dev | 49 | private-dev |
49 | private-tmp | 50 | private-tmp |
50 | 51 | ||
51 | noexec ${HOME} | ||
52 | noexec /tmp | ||
diff --git a/etc/QMediathekView.profile b/etc/QMediathekView.profile index 69dfbecfe..7cc50da15 100644 --- a/etc/QMediathekView.profile +++ b/etc/QMediathekView.profile | |||
@@ -21,6 +21,7 @@ noblacklist ${VIDEOS} | |||
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
24 | include disable-exec.inc | ||
24 | include disable-interpreters.inc | 25 | include disable-interpreters.inc |
25 | include disable-passwdmgr.inc | 26 | include disable-passwdmgr.inc |
26 | include disable-programs.inc | 27 | include disable-programs.inc |
@@ -52,5 +53,3 @@ private-dev | |||
52 | private-tmp | 53 | private-tmp |
53 | 54 | ||
54 | # memory-deny-write-execute - breaks on Arch | 55 | # memory-deny-write-execute - breaks on Arch |
55 | noexec ${HOME} | ||
56 | noexec /tmp | ||
diff --git a/etc/QOwnNotes.profile b/etc/QOwnNotes.profile index 090845259..27ba00857 100644 --- a/etc/QOwnNotes.profile +++ b/etc/QOwnNotes.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.local/share/PBE | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -51,5 +52,3 @@ private-dev | |||
51 | private-etc alternatives,fonts,ld.so.cache,pulse,resolv.conf,hosts,nsswitch.conf,host.conf,ca-certificates,ssl,pki,crypto-policies | 52 | private-etc alternatives,fonts,ld.so.cache,pulse,resolv.conf,hosts,nsswitch.conf,host.conf,ca-certificates,ssl,pki,crypto-policies |
52 | private-tmp | 53 | private-tmp |
53 | 54 | ||
54 | noexec ${HOME} | ||
55 | noexec /tmp | ||
diff --git a/etc/Viber.profile b/etc/Viber.profile index 01bb49a99..3f3ee8590 100644 --- a/etc/Viber.profile +++ b/etc/Viber.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.ViberPC | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -35,7 +36,5 @@ private-bin sh,bash,dig,awk,Viber | |||
35 | private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf | 36 | private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
40 | 39 | ||
41 | env QTWEBENGINE_DISABLE_SANDBOX=1 | 40 | env QTWEBENGINE_DISABLE_SANDBOX=1 |
diff --git a/etc/XMind.profile b/etc/XMind.profile index 6b767555c..a5b0a864e 100644 --- a/etc/XMind.profile +++ b/etc/XMind.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.xmind | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-bin XMind,sh,cp | |||
35 | private-tmp | 36 | private-tmp |
36 | private-dev | 37 | private-dev |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/akregator.profile b/etc/akregator.profile index e7d0b74b9..2f35c55c0 100644 --- a/etc/akregator.profile +++ b/etc/akregator.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/akregator | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-bin akregator,akregatorstorageexporter,dbus-launch,kdeinit5,kshell5,kdei | |||
43 | private-dev | 44 | private-dev |
44 | private-tmp | 45 | private-tmp |
45 | 46 | ||
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/amule.profile b/etc/amule.profile index e969bb1df..7cb2130bb 100644 --- a/etc/amule.profile +++ b/etc/amule.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.aMule | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-bin amule | |||
39 | private-dev | 40 | private-dev |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/apktool.profile b/etc/apktool.profile index bad0c9346..acddf010b 100644 --- a/etc/apktool.profile +++ b/etc/apktool.profile | |||
@@ -8,6 +8,7 @@ include apktool.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-exec.inc | ||
11 | include disable-passwdmgr.inc | 12 | include disable-passwdmgr.inc |
12 | include disable-programs.inc | 13 | include disable-programs.inc |
13 | include disable-xdg.inc | 14 | include disable-xdg.inc |
@@ -33,6 +34,3 @@ shell none | |||
33 | private-bin apktool,bash,java,dirname,basename,expr,sh | 34 | private-bin apktool,bash,java,dirname,basename,expr,sh |
34 | private-cache | 35 | private-cache |
35 | private-dev | 36 | private-dev |
36 | |||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/archaudit-report.profile b/etc/archaudit-report.profile index 1b029d1ac..2f1715da1 100644 --- a/etc/archaudit-report.profile +++ b/etc/archaudit-report.profile | |||
@@ -11,6 +11,7 @@ noblacklist /var/lib/pacman | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-bin archaudit-report,arch-audit,bash,cat,comm,cut,date,fold,grep,pacman, | |||
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | memory-deny-write-execute | 43 | memory-deny-write-execute |
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/ardour5.profile b/etc/ardour5.profile index 377ce0a2c..211a32e22 100644 --- a/etc/ardour5.profile +++ b/etc/ardour5.profile | |||
@@ -14,6 +14,7 @@ noblacklist ${MUSIC} | |||
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
17 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 20 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-dev | |||
39 | #private-etc alternatives,pulse,X11,alternatives,ardour4,ardour5,fonts,machine-id,asound.conf | 40 | #private-etc alternatives,pulse,X11,alternatives,ardour4,ardour5,fonts,machine-id,asound.conf |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/arduino.profile b/etc/arduino.profile index ce4609340..2ea8445fe 100644 --- a/etc/arduino.profile +++ b/etc/arduino.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/share/java | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -41,5 +42,3 @@ shell none | |||
41 | private-cache | 42 | private-cache |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/aria2c.profile b/etc/aria2c.profile index 6e5a87dab..68c83e573 100644 --- a/etc/aria2c.profile +++ b/etc/aria2c.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.aria2 | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-lib libreadline.so.* | |||
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | memory-deny-write-execute | 44 | memory-deny-write-execute |
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/arm.profile b/etc/arm.profile index d31b962ca..ae93e9665 100644 --- a/etc/arm.profile +++ b/etc/arm.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -49,5 +50,3 @@ private-dev | |||
49 | private-etc alternatives,tor,passwd,ca-certificates,ssl,pki,crypto-policies | 50 | private-etc alternatives,tor,passwd,ca-certificates,ssl,pki,crypto-policies |
50 | private-tmp | 51 | private-tmp |
51 | 52 | ||
52 | noexec ${HOME} | ||
53 | noexec /tmp | ||
diff --git a/etc/atom.profile b/etc/atom.profile index 1c0afb277..e4ca96eaa 100644 --- a/etc/atom.profile +++ b/etc/atom.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.cargo/registry | |||
13 | noblacklist ${HOME}/.gitconfig | 13 | noblacklist ${HOME}/.gitconfig |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-exec.inc | ||
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
18 | 19 | ||
@@ -35,6 +36,3 @@ shell none | |||
35 | private-cache | 36 | private-cache |
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | |||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/baobab.profile b/etc/baobab.profile index c223b138e..fc4e7f268 100644 --- a/etc/baobab.profile +++ b/etc/baobab.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | include disable-devel.inc | 10 | include disable-devel.inc |
11 | include disable-exec.inc | ||
11 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | # include disable-programs.inc | 14 | # include disable-programs.inc |
@@ -33,5 +34,3 @@ private-dev | |||
33 | private-tmp | 34 | private-tmp |
34 | 35 | ||
35 | #memory-deny-write-execute - breaks on Arch | 36 | #memory-deny-write-execute - breaks on Arch |
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/bitcoin-qt.profile b/etc/bitcoin-qt.profile index 74123ee51..8aae5d668 100644 --- a/etc/bitcoin-qt.profile +++ b/etc/bitcoin-qt.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/Bitcoin | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -46,5 +47,3 @@ private-dev | |||
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
48 | memory-deny-write-execute | 49 | memory-deny-write-execute |
49 | noexec ${HOME} | ||
50 | noexec /tmp | ||
diff --git a/etc/bleachbit.profile b/etc/bleachbit.profile index fae7d8133..cbc8c25d6 100644 --- a/etc/bleachbit.profile +++ b/etc/bleachbit.profile | |||
@@ -16,6 +16,7 @@ noblacklist /usr/local/lib/python3* | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | # include disable-programs.inc | 22 | # include disable-programs.inc |
@@ -41,5 +42,3 @@ private-dev | |||
41 | 42 | ||
42 | # memory-deny-write-execute breaks some systems, see issue #1850 | 43 | # memory-deny-write-execute breaks some systems, see issue #1850 |
43 | # memory-deny-write-execute | 44 | # memory-deny-write-execute |
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/blender.profile b/etc/blender.profile index d23fe0810..bfe906408 100644 --- a/etc/blender.profile +++ b/etc/blender.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -42,5 +43,3 @@ shell none | |||
42 | private-dev | 43 | private-dev |
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/bless.profile b/etc/bless.profile index 8315f4563..d4ac80db1 100644 --- a/etc/bless.profile +++ b/etc/bless.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/bless | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-dev | |||
38 | private-etc alternatives,fonts,mono | 39 | private-etc alternatives,fonts,mono |
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/bluefish.profile b/etc/bluefish.profile index ce47cb9ab..412088ba9 100644 --- a/etc/bluefish.profile +++ b/etc/bluefish.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | include disable-devel.inc | 10 | include disable-devel.inc |
11 | include disable-exec.inc | ||
11 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-bin bluefish | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/brasero.profile b/etc/brasero.profile index 5021db254..aa838380a 100644 --- a/etc/brasero.profile +++ b/etc/brasero.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/brasero | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -34,5 +35,3 @@ private-cache | |||
34 | # private-tmp | 35 | # private-tmp |
35 | 36 | ||
36 | memory-deny-write-execute | 37 | memory-deny-write-execute |
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/cin.profile b/etc/cin.profile index 02511c478..efeb9cd14 100644 --- a/etc/cin.profile +++ b/etc/cin.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.bcast5 | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -33,5 +34,3 @@ shell none | |||
33 | private-cache | 34 | private-cache |
34 | private-dev | 35 | private-dev |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/conky.profile b/etc/conky.profile index 846868be2..d5949ecfd 100644 --- a/etc/conky.profile +++ b/etc/conky.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${PICTURES} | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-dev | |||
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | memory-deny-write-execute | 40 | memory-deny-write-execute |
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/corebird.profile b/etc/corebird.profile index bf2e97356..dbb043c17 100644 --- a/etc/corebird.profile +++ b/etc/corebird.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/corebird | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -34,5 +35,3 @@ private-bin corebird | |||
34 | private-dev | 35 | private-dev |
35 | private-tmp | 36 | private-tmp |
36 | 37 | ||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/cower.profile b/etc/cower.profile index ebd83b326..bc1eeedc0 100644 --- a/etc/cower.profile +++ b/etc/cower.profile | |||
@@ -19,6 +19,7 @@ noblacklist /var/lib/pacman | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -45,5 +46,3 @@ private-dev | |||
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | memory-deny-write-execute | 48 | memory-deny-write-execute |
48 | noexec ${HOME} | ||
49 | noexec /tmp | ||
diff --git a/etc/crow.profile b/etc/crow.profile index 93f71cef8..8aa70a09c 100644 --- a/etc/crow.profile +++ b/etc/crow.profile | |||
@@ -13,6 +13,7 @@ whitelist ${HOME}/.cache/gstreamer-1.0 | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -42,5 +43,3 @@ private-opt none | |||
42 | private-tmp | 43 | private-tmp |
43 | private-srv none | 44 | private-srv none |
44 | 45 | ||
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/curl.profile b/etc/curl.profile index 1783f1337..2703c6fe8 100644 --- a/etc/curl.profile +++ b/etc/curl.profile | |||
@@ -12,6 +12,7 @@ blacklist /tmp/.X11-unix | |||
12 | noblacklist ${HOME}/.curlrc | 12 | noblacklist ${HOME}/.curlrc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-exec.inc | ||
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
17 | 18 | ||
@@ -35,6 +36,3 @@ private-cache | |||
35 | private-dev | 36 | private-dev |
36 | # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies | 37 | # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies |
37 | private-tmp | 38 | private-tmp |
38 | |||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/darktable.profile b/etc/darktable.profile index af834f90b..2a71ad11c 100644 --- a/etc/darktable.profile +++ b/etc/darktable.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${PICTURES} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -35,5 +36,3 @@ shell none | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index f751b7bb0..8e67d9daa 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${MUSIC} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -32,5 +33,3 @@ shell none | |||
32 | private-dev | 33 | private-dev |
33 | private-tmp | 34 | private-tmp |
34 | 35 | ||
35 | noexec ${HOME} | ||
36 | noexec /tmp | ||
diff --git a/etc/dex2jar.profile b/etc/dex2jar.profile index b0226f1e9..06a6be3aa 100644 --- a/etc/dex2jar.profile +++ b/etc/dex2jar.profile | |||
@@ -14,6 +14,7 @@ noblacklist /usr/share/java | |||
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
17 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 20 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-bin dex2jar,java,sh,bash,expr,dirname,ls,uname,grep | |||
41 | private-cache | 42 | private-cache |
42 | private-dev | 43 | private-dev |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/dia.profile b/etc/dia.profile index a0075acaf..921adaad5 100644 --- a/etc/dia.profile +++ b/etc/dia.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-cache | |||
38 | private-dev | 39 | private-dev |
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/dino.profile b/etc/dino.profile index e76499f8f..2db395e02 100644 --- a/etc/dino.profile +++ b/etc/dino.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.local/share/dino | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-dev | |||
39 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies # breaks server connection | 40 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies # breaks server connection |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/dooble.profile b/etc/dooble.profile index bc4a4c348..80bcce463 100644 --- a/etc/dooble.profile +++ b/etc/dooble.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.dooble | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -37,5 +38,3 @@ disable-mnt | |||
37 | private-dev | 38 | private-dev |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/dragon.profile b/etc/dragon.profile index cdf941acd..fb8aaaf96 100644 --- a/etc/dragon.profile +++ b/etc/dragon.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${VIDEOS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-bin dragon | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/electrum.profile b/etc/electrum.profile index 9d5cf7fab..88d27e47e 100644 --- a/etc/electrum.profile +++ b/etc/electrum.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -52,5 +53,3 @@ private-dev | |||
52 | private-etc alternatives,fonts,dconf,ca-certificates,ssl,pki,crypto-policies,machine-id | 53 | private-etc alternatives,fonts,dconf,ca-certificates,ssl,pki,crypto-policies,machine-id |
53 | private-tmp | 54 | private-tmp |
54 | 55 | ||
55 | noexec ${HOME} | ||
56 | noexec /tmp | ||
diff --git a/etc/enpass.profile b/etc/enpass.profile index 5e461bc43..284b9259d 100644 --- a/etc/enpass.profile +++ b/etc/enpass.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-opt Enpass | |||
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | memory-deny-write-execute | 44 | memory-deny-write-execute |
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/evolution.profile b/etc/evolution.profile index 9b6387538..71a7a5600 100644 --- a/etc/evolution.profile +++ b/etc/evolution.profile | |||
@@ -18,6 +18,7 @@ noblacklist ${HOME}/.local/share/pki | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -41,5 +42,3 @@ shell none | |||
41 | private-dev | 42 | private-dev |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/exfalso.profile b/etc/exfalso.profile index b4d275d22..6146a8952 100644 --- a/etc/exfalso.profile +++ b/etc/exfalso.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -49,5 +50,3 @@ private-lib libatk-1.0.so.*,libgdk-3.so.*,libgdk_pixbuf-2.0.so.*,libgirepository | |||
49 | private-tmp | 50 | private-tmp |
50 | 51 | ||
51 | # memory-deny-write-execute - Breaks on Arch | 52 | # memory-deny-write-execute - Breaks on Arch |
52 | noexec ${HOME} | ||
53 | noexec /tmp | ||
diff --git a/etc/falkon.profile b/etc/falkon.profile index 9fd446fe1..af6aaa1a7 100644 --- a/etc/falkon.profile +++ b/etc/falkon.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/falkon | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -37,5 +38,3 @@ seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@res | |||
37 | private-dev | 38 | private-dev |
38 | # private-tmp - interferes with the opening of downloaded files | 39 | # private-tmp - interferes with the opening of downloaded files |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/feedreader.profile b/etc/feedreader.profile index 44ed475bc..e453cc611 100644 --- a/etc/feedreader.profile +++ b/etc/feedreader.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/feedreader | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -41,5 +42,3 @@ disable-mnt | |||
41 | private-dev | 42 | private-dev |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/flameshot.profile b/etc/flameshot.profile index 39a23c813..cd3e07455 100644 --- a/etc/flameshot.profile +++ b/etc/flameshot.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${PICTURES} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-etc alternatives,fonts,ld.so.conf,resolv.conf,ca-certificates,ssl,pki,cr | |||
40 | private-dev | 41 | private-dev |
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/flowblade.profile b/etc/flowblade.profile index b57c27936..1e84d4ca6 100644 --- a/etc/flowblade.profile +++ b/etc/flowblade.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-cache | |||
39 | private-dev | 40 | private-dev |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/fontforge.profile b/etc/fontforge.profile index dc4e43b09..f98ad9983 100644 --- a/etc/fontforge.profile +++ b/etc/fontforge.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -42,5 +43,3 @@ private-cache | |||
42 | private-dev | 43 | private-dev |
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/freecad.profile b/etc/freecad.profile index 11fe3245c..079c85fb1 100644 --- a/etc/freecad.profile +++ b/etc/freecad.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-cache | |||
37 | private-dev | 38 | private-dev |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/gajim.profile b/etc/gajim.profile index bdb40d7e1..36121c4b9 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile | |||
@@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* | |||
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | ||
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
@@ -52,7 +53,5 @@ private-dev | |||
52 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl | 53 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl |
53 | private-tmp | 54 | private-tmp |
54 | 55 | ||
55 | noexec ${HOME} | ||
56 | noexec /tmp | ||
57 | 56 | ||
58 | join-or-start gajim | 57 | join-or-start gajim |
diff --git a/etc/gitg.profile b/etc/gitg.profile index f6d78cc54..a40d8791c 100644 --- a/etc/gitg.profile +++ b/etc/gitg.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.ssh | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-tmp | |||
39 | 40 | ||
40 | # mdwe breaks diff in older versions | 41 | # mdwe breaks diff in older versions |
41 | #memory-deny-write-execute | 42 | #memory-deny-write-execute |
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/github-desktop.profile b/etc/github-desktop.profile index 934ac7c40..cddb5fcbf 100644 --- a/etc/github-desktop.profile +++ b/etc/github-desktop.profile | |||
@@ -13,6 +13,7 @@ include disable-common.inc | |||
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | 18 | ||
18 | caps.drop all | 19 | caps.drop all |
@@ -44,5 +45,3 @@ private-dev | |||
44 | private-tmp | 45 | private-tmp |
45 | 46 | ||
46 | # memory-deny-write-execute | 47 | # memory-deny-write-execute |
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/gitter.profile b/etc/gitter.profile index ab333d1fb..7d0831bc4 100644 --- a/etc/gitter.profile +++ b/etc/gitter.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Gitter | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-opt Gitter | |||
41 | private-dev | 42 | private-dev |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/globaltime.profile b/etc/globaltime.profile index c007fb0cc..bb78a608e 100644 --- a/etc/globaltime.profile +++ b/etc/globaltime.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.config/globaltime | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -34,5 +35,3 @@ private-cache | |||
34 | private-dev | 35 | private-dev |
35 | private-tmp | 36 | private-tmp |
36 | 37 | ||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile index ce83fbb66..9eb4c147d 100644 --- a/etc/gnome-2048.profile +++ b/etc/gnome-2048.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/gnome-2048 | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -35,5 +36,3 @@ disable-mnt | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile index b880980bc..184751132 100644 --- a/etc/gnome-books.profile +++ b/etc/gnome-books.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-dev | |||
40 | # private-etc alternatives,fonts | 41 | # private-etc alternatives,fonts |
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile index 36b69ce90..078e8c34e 100644 --- a/etc/gnome-documents.profile +++ b/etc/gnome-documents.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${DOCUMENTS} | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-cache | |||
38 | private-dev | 39 | private-dev |
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/gnome-font-viewer.profile b/etc/gnome-font-viewer.profile index c616b7381..468ef0401 100644 --- a/etc/gnome-font-viewer.profile +++ b/etc/gnome-font-viewer.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -33,5 +34,3 @@ disable-mnt | |||
33 | private-dev | 34 | private-dev |
34 | private-tmp | 35 | private-tmp |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index 3dd623ea9..12bee6448 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${VIDEOS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -31,5 +32,3 @@ private-cache | |||
31 | private-dev | 32 | private-dev |
32 | private-tmp | 33 | private-tmp |
33 | 34 | ||
34 | noexec ${HOME} | ||
35 | noexec /tmp | ||
diff --git a/etc/gnome-music.profile b/etc/gnome-music.profile index f31b8af2c..6bebeb526 100644 --- a/etc/gnome-music.profile +++ b/etc/gnome-music.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -45,5 +46,3 @@ private-dev | |||
45 | private-etc alternatives,fonts,machine-id,pulse,asound.conf | 46 | private-etc alternatives,fonts,machine-id,pulse,asound.conf |
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
48 | noexec ${HOME} | ||
49 | noexec /tmp | ||
diff --git a/etc/gnome-nettool.profile b/etc/gnome-nettool.profile index dd58f12d5..a763917d1 100644 --- a/etc/gnome-nettool.profile +++ b/etc/gnome-nettool.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | include disable-devel.inc | 10 | include disable-devel.inc |
11 | include disable-exec.inc | ||
11 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-dev | |||
41 | private-lib libbind9.so.*,libcrypto.so.*,libdns.so.*,libirs.so.*,liblua.so.*,libssh2.so.*,libssl.so.* | 42 | private-lib libbind9.so.*,libcrypto.so.*,libdns.so.*,libirs.so.*,liblua.so.*,libssh2.so.*,libssl.so.* |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/gnome-photos.profile b/etc/gnome-photos.profile index c48ca50a5..4e5a3b109 100644 --- a/etc/gnome-photos.profile +++ b/etc/gnome-photos.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/gnome-photos | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-dev | |||
37 | # private-etc alternatives,fonts | 38 | # private-etc alternatives,fonts |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/gnome-pie.profile b/etc/gnome-pie.profile index e542181fa..c1d2dae35 100644 --- a/etc/gnome-pie.profile +++ b/etc/gnome-pie.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/gnome-pie | |||
10 | 10 | ||
11 | #include disable-common.inc | 11 | #include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | #include disable-interpreters.inc | 14 | #include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | #include disable-programs.inc | 16 | #include disable-programs.inc |
@@ -38,5 +39,3 @@ private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.s | |||
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | memory-deny-write-execute | 41 | memory-deny-write-execute |
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/gnome-recipes.profile b/etc/gnome-recipes.profile index 24d3cbd87..1a897a5d8 100644 --- a/etc/gnome-recipes.profile +++ b/etc/gnome-recipes.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/gnome-recipes | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -46,5 +47,3 @@ private-etc alternatives,ca-certificates,fonts,ssl,crypto-policies,pki | |||
46 | private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,libgnutls.so.*,libjpeg.so.*,libp11-kit.so.*,libproxy.so.*,librsvg-2.so.* | 47 | private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,libgnutls.so.*,libjpeg.so.*,libp11-kit.so.*,libproxy.so.*,librsvg-2.so.* |
47 | private-tmp | 48 | private-tmp |
48 | 49 | ||
49 | noexec ${HOME} | ||
50 | noexec /tmp | ||
diff --git a/etc/gnome-ring.profile b/etc/gnome-ring.profile index f660df690..78ceb9c4f 100644 --- a/etc/gnome-ring.profile +++ b/etc/gnome-ring.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.local/share/gnome-ring | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -31,5 +32,3 @@ disable-mnt | |||
31 | # private-dev | 32 | # private-dev |
32 | private-tmp | 33 | private-tmp |
33 | 34 | ||
34 | noexec ${HOME} | ||
35 | noexec /tmp | ||
diff --git a/etc/gnome-twitch.profile b/etc/gnome-twitch.profile index 4b54d9627..5e8153035 100644 --- a/etc/gnome-twitch.profile +++ b/etc/gnome-twitch.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/gnome-twitch | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -37,5 +38,3 @@ disable-mnt | |||
37 | private-dev | 38 | private-dev |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index baa5d39fd..ef7255130 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.cache/libgweather | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-dev | |||
41 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies | 42 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/google-earth.profile b/etc/google-earth.profile index e075bfe9a..a29e0d563 100644 --- a/etc/google-earth.profile +++ b/etc/google-earth.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.googleearth/myplaces.kml | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -48,5 +49,3 @@ private-bin google-earth,sh,bash,grep,sed,ls,dirname | |||
48 | private-dev | 49 | private-dev |
49 | private-opt google | 50 | private-opt google |
50 | 51 | ||
51 | noexec ${HOME} | ||
52 | noexec /tmp | ||
diff --git a/etc/gpredict.profile b/etc/gpredict.profile index 38897f184..be3742fe3 100644 --- a/etc/gpredict.profile +++ b/etc/gpredict.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Gpredict | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-dev | |||
36 | private-etc alternatives,fonts,resolv.conf,ca-certificates,ssl,pki,crypto-policies | 37 | private-etc alternatives,fonts,resolv.conf,ca-certificates,ssl,pki,crypto-policies |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/gradio.profile b/etc/gradio.profile index eec7376b4..75c793f61 100644 --- a/etc/gradio.profile +++ b/etc/gradio.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/gradio | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -37,5 +38,3 @@ shell none | |||
37 | private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id | 38 | private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/guayadeque.profile b/etc/guayadeque.profile index 22457c547..8ffd7ff58 100644 --- a/etc/guayadeque.profile +++ b/etc/guayadeque.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${MUSIC} | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -31,5 +32,3 @@ private-bin guayadeque | |||
31 | private-dev | 32 | private-dev |
32 | private-tmp | 33 | private-tmp |
33 | 34 | ||
34 | noexec ${HOME} | ||
35 | noexec /tmp | ||
diff --git a/etc/hashcat.profile b/etc/hashcat.profile index bf4836c45..4ed099fae 100644 --- a/etc/hashcat.profile +++ b/etc/hashcat.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${DOCUMENTS} | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-cache | |||
39 | private-dev | 40 | private-dev |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/hugin.profile b/etc/hugin.profile index 1e235f381..3d8921120 100644 --- a/etc/hugin.profile +++ b/etc/hugin.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${PICTURES} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-cache | |||
37 | private-dev | 38 | private-dev |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/imagej.profile b/etc/imagej.profile index 9ff0f9203..9d0ab43a0 100644 --- a/etc/imagej.profile +++ b/etc/imagej.profile | |||
@@ -16,6 +16,7 @@ noblacklist /usr/share/java | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 22 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-bin imagej,bash,grep,sort,tail,tr,cut,whoami,hostname,uname,mkdir,ls,tou | |||
40 | private-dev | 41 | private-dev |
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile index 443e6b550..dce44e5d4 100644 --- a/etc/jd-gui.profile +++ b/etc/jd-gui.profile | |||
@@ -16,6 +16,7 @@ noblacklist /usr/share/java | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 22 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-cache | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/kaffeine.profile b/etc/kaffeine.profile index 85870da36..c7f811939 100644 --- a/etc/kaffeine.profile +++ b/etc/kaffeine.profile | |||
@@ -17,6 +17,7 @@ noblacklist ${VIDEOS} | |||
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
@@ -39,5 +40,3 @@ shell none | |||
39 | private-dev | 40 | private-dev |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/kdeinit4.profile b/etc/kdeinit4.profile index cd7c4cae3..f786c78d5 100644 --- a/etc/kdeinit4.profile +++ b/etc/kdeinit4.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -33,5 +34,3 @@ private-bin kdeinit4,kbuildsycoca4,kded4,knotify4 | |||
33 | private-dev | 34 | private-dev |
34 | private-tmp | 35 | private-tmp |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/keepass.profile b/etc/keepass.profile index 788561a14..57a24d821 100644 --- a/etc/keepass.profile +++ b/etc/keepass.profile | |||
@@ -17,6 +17,7 @@ noblacklist ${DOCUMENTS} | |||
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-cache | |||
41 | private-dev | 42 | private-dev |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/kino.profile b/etc/kino.profile index ead42f9ca..9e8d61391 100644 --- a/etc/kino.profile +++ b/etc/kino.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.kinorc | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -31,5 +32,3 @@ private-cache | |||
31 | private-dev | 32 | private-dev |
32 | private-tmp | 33 | private-tmp |
33 | 34 | ||
34 | noexec ${HOME} | ||
35 | noexec /tmp | ||
diff --git a/etc/kopete.profile b/etc/kopete.profile index fef415f6e..5e931ddac 100644 --- a/etc/kopete.profile +++ b/etc/kopete.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.kde4/share/config/kopeterc | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -35,5 +36,3 @@ writable-var | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/less.profile b/etc/less.profile index 16940853c..5ad7cb959 100644 --- a/etc/less.profile +++ b/etc/less.profile | |||
@@ -9,6 +9,7 @@ include less.local | |||
9 | #include globals.local | 9 | #include globals.local |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | include disable-exec.inc | ||
12 | 13 | ||
13 | ignore noroot | 14 | ignore noroot |
14 | apparmor | 15 | apparmor |
@@ -34,7 +35,5 @@ private-cache | |||
34 | private-dev | 35 | private-dev |
35 | 36 | ||
36 | memory-deny-write-execute | 37 | memory-deny-write-execute |
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
39 | 38 | ||
40 | include default.profile | 39 | include default.profile |
diff --git a/etc/liferea.profile b/etc/liferea.profile index 5927747b8..e778d7b55 100644 --- a/etc/liferea.profile +++ b/etc/liferea.profile | |||
@@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* | |||
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | ||
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
@@ -52,5 +53,3 @@ disable-mnt | |||
52 | private-dev | 53 | private-dev |
53 | private-tmp | 54 | private-tmp |
54 | 55 | ||
55 | noexec ${HOME} | ||
56 | noexec /tmp | ||
diff --git a/etc/linphone.profile b/etc/linphone.profile index cd35dc2bf..dc156b298 100644 --- a/etc/linphone.profile +++ b/etc/linphone.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.linphonerc | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -40,5 +41,3 @@ disable-mnt | |||
40 | private-dev | 41 | private-dev |
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/lmms.profile b/etc/lmms.profile index 6c81b9172..98ddd03e5 100644 --- a/etc/lmms.profile +++ b/etc/lmms.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${MUSIC} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -36,5 +37,3 @@ shell none | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/lollypop.profile b/etc/lollypop.profile index c4717965a..76b8ed75c 100644 --- a/etc/lollypop.profile +++ b/etc/lollypop.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-dev | |||
43 | private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id | 44 | private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id |
44 | private-tmp | 45 | private-tmp |
45 | 46 | ||
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/luminance-hdr.profile b/etc/luminance-hdr.profile index 38f2ab10c..2b0feaa17 100644 --- a/etc/luminance-hdr.profile +++ b/etc/luminance-hdr.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${PICTURES} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-cache | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/lximage-qt.profile b/etc/lximage-qt.profile index c275a69c8..74adb7a67 100644 --- a/etc/lximage-qt.profile +++ b/etc/lximage-qt.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/lximage-qt | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -33,5 +34,3 @@ private-cache | |||
33 | private-dev | 34 | private-dev |
34 | private-tmp | 35 | private-tmp |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/lxmusic.profile b/etc/lxmusic.profile index e0c03db50..e1a37343e 100644 --- a/etc/lxmusic.profile +++ b/etc/lxmusic.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${MUSIC} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -36,5 +37,3 @@ shell none | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/macrofusion.profile b/etc/macrofusion.profile index 793cd59bb..7d42f2bfe 100644 --- a/etc/macrofusion.profile +++ b/etc/macrofusion.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-cache | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/makepkg.profile b/etc/makepkg.profile index 317a3dd78..55bea9c5e 100644 --- a/etc/makepkg.profile +++ b/etc/makepkg.profile | |||
@@ -31,6 +31,7 @@ blacklist ${HOME}/.gnupg/openpgp-revocs.d | |||
31 | noblacklist /var/lib/pacman | 31 | noblacklist /var/lib/pacman |
32 | 32 | ||
33 | include disable-common.inc | 33 | include disable-common.inc |
34 | include disable-exec.inc | ||
34 | include disable-passwdmgr.inc | 35 | include disable-passwdmgr.inc |
35 | include disable-programs.inc | 36 | include disable-programs.inc |
36 | 37 | ||
@@ -54,5 +55,3 @@ disable-mnt | |||
54 | private-tmp | 55 | private-tmp |
55 | 56 | ||
56 | memory-deny-write-execute | 57 | memory-deny-write-execute |
57 | noexec ${HOME} | ||
58 | noexec /tmp | ||
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile index 1d3c21e3f..ac5577b4c 100644 --- a/etc/mate-calc.profile +++ b/etc/mate-calc.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/mate-calc | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -45,5 +46,3 @@ private-opt none | |||
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | memory-deny-write-execute | 48 | memory-deny-write-execute |
48 | noexec ${HOME} | ||
49 | noexec /tmp | ||
diff --git a/etc/mate-color-select.profile b/etc/mate-color-select.profile index a344f70e1..bd3631445 100644 --- a/etc/mate-color-select.profile +++ b/etc/mate-color-select.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | include disable-devel.inc | 10 | include disable-devel.inc |
11 | include disable-exec.inc | ||
11 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-lib | |||
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | memory-deny-write-execute | 43 | memory-deny-write-execute |
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/mate-dictionary.profile b/etc/mate-dictionary.profile index 196f5b2c3..1217910a0 100644 --- a/etc/mate-dictionary.profile +++ b/etc/mate-dictionary.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.config/mate/mate-dictionary | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -42,5 +43,3 @@ private-dev | |||
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | memory-deny-write-execute | 45 | memory-deny-write-execute |
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile index a438634f3..497014dab 100644 --- a/etc/mediathekview.profile +++ b/etc/mediathekview.profile | |||
@@ -26,6 +26,7 @@ noblacklist /usr/share/java | |||
26 | 26 | ||
27 | include disable-common.inc | 27 | include disable-common.inc |
28 | include disable-devel.inc | 28 | include disable-devel.inc |
29 | include disable-exec.inc | ||
29 | include disable-interpreters.inc | 30 | include disable-interpreters.inc |
30 | include disable-passwdmgr.inc | 31 | include disable-passwdmgr.inc |
31 | include disable-programs.inc | 32 | include disable-programs.inc |
@@ -50,5 +51,3 @@ private-cache | |||
50 | private-dev | 51 | private-dev |
51 | private-tmp | 52 | private-tmp |
52 | 53 | ||
53 | noexec ${HOME} | ||
54 | noexec /tmp | ||
diff --git a/etc/mendeleydesktop.profile b/etc/mendeleydesktop.profile index a3d6092f1..d54371371 100644 --- a/etc/mendeleydesktop.profile +++ b/etc/mendeleydesktop.profile | |||
@@ -24,6 +24,7 @@ noblacklist /usr/local/lib/python3* | |||
24 | 24 | ||
25 | include disable-common.inc | 25 | include disable-common.inc |
26 | include disable-devel.inc | 26 | include disable-devel.inc |
27 | include disable-exec.inc | ||
27 | include disable-interpreters.inc | 28 | include disable-interpreters.inc |
28 | include disable-passwdmgr.inc | 29 | include disable-passwdmgr.inc |
29 | include disable-programs.inc | 30 | include disable-programs.inc |
@@ -50,5 +51,3 @@ private-bin mendeleydesktop,python*,env,gconftool-2,which,sh,ln,cat,update-deskt | |||
50 | private-dev | 51 | private-dev |
51 | private-tmp | 52 | private-tmp |
52 | 53 | ||
53 | noexec ${HOME} | ||
54 | noexec /tmp | ||
diff --git a/etc/min.profile b/etc/min.profile index eb1163175..e775ed42d 100644 --- a/etc/min.profile +++ b/etc/min.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.local/share/pki | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
18 | 19 | ||
@@ -48,5 +49,3 @@ private-etc alternatives,ca-certificates,ssl,machine-id,dconf,selinux,passwd,gro | |||
48 | private-tmp | 49 | private-tmp |
49 | 50 | ||
50 | # memory-deny-write-execute | 51 | # memory-deny-write-execute |
51 | noexec ${HOME} | ||
52 | noexec /tmp | ||
diff --git a/etc/mpDris2.profile b/etc/mpDris2.profile index b179ecfaf..81bf88b8b 100644 --- a/etc/mpDris2.profile +++ b/etc/mpDris2.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -47,7 +48,5 @@ private-lib libdbus-1.so.*,libdbus-glib-1.so.*,libgirepository-1.0.so.*,libnotif | |||
47 | private-tmp | 48 | private-tmp |
48 | 49 | ||
49 | # memory-deny-write-execute - Breaks on Arch | 50 | # memory-deny-write-execute - Breaks on Arch |
50 | noexec ${HOME} | ||
51 | noexec /tmp | ||
52 | 51 | ||
53 | read-only ${HOME} | 52 | read-only ${HOME} |
diff --git a/etc/mpd.profile b/etc/mpd.profile index e06b83aa9..0a98de7c4 100644 --- a/etc/mpd.profile +++ b/etc/mpd.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${MUSIC} | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-cache | |||
38 | private-dev | 39 | private-dev |
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/mplayer.profile b/etc/mplayer.profile index 8c0b50eca..877b92564 100644 --- a/etc/mplayer.profile +++ b/etc/mplayer.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${VIDEOS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -33,5 +34,3 @@ private-bin mplayer | |||
33 | private-dev | 34 | private-dev |
34 | private-tmp | 35 | private-tmp |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/ms-office.profile b/etc/ms-office.profile index f23617f8d..f8e75379e 100644 --- a/etc/ms-office.profile +++ b/etc/ms-office.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies | |||
43 | private-dev | 44 | private-dev |
44 | private-tmp | 45 | private-tmp |
45 | 46 | ||
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/multimc5.profile b/etc/multimc5.profile index 75e6e2804..b6407c4f9 100644 --- a/etc/multimc5.profile +++ b/etc/multimc5.profile | |||
@@ -18,6 +18,7 @@ noblacklist /usr/share/java | |||
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
21 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
@@ -47,5 +48,3 @@ disable-mnt | |||
47 | private-dev | 48 | private-dev |
48 | private-tmp | 49 | private-tmp |
49 | 50 | ||
50 | noexec ${HOME} | ||
51 | noexec /tmp | ||
diff --git a/etc/mumble.profile b/etc/mumble.profile index 276e77c68..04bb1b5f0 100644 --- a/etc/mumble.profile +++ b/etc/mumble.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/data/Mumble | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-bin mumble | |||
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | memory-deny-write-execute | 43 | memory-deny-write-execute |
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/musixmatch.profile b/etc/musixmatch.profile index 54d9fb16e..727269a61 100644 --- a/etc/musixmatch.profile +++ b/etc/musixmatch.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${MUSIC} | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
14 | include disable-xdg.inc | 15 | include disable-xdg.inc |
@@ -33,5 +34,3 @@ disable-mnt | |||
33 | private-dev | 34 | private-dev |
34 | private-etc alternatives,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies | 35 | private-etc alternatives,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/natron.profile b/etc/natron.profile index 85e23c759..3f997a7a0 100644 --- a/etc/natron.profile +++ b/etc/natron.profile | |||
@@ -20,6 +20,7 @@ noblacklist /opt/natron | |||
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | ||
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
@@ -38,5 +39,3 @@ shell none | |||
38 | 39 | ||
39 | private-bin natron,Natron,NatronRenderer | 40 | private-bin natron,Natron,NatronRenderer |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/ncdu.profile b/etc/ncdu.profile index ac0fd19b2..c18e1c4bf 100644 --- a/etc/ncdu.profile +++ b/etc/ncdu.profile | |||
@@ -6,6 +6,8 @@ include ncdu.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | include disable-exec.inc | ||
10 | |||
9 | caps.drop all | 11 | caps.drop all |
10 | ipc-namespace | 12 | ipc-namespace |
11 | nodbus | 13 | nodbus |
@@ -27,5 +29,3 @@ private-dev | |||
27 | # private-tmp | 29 | # private-tmp |
28 | 30 | ||
29 | memory-deny-write-execute | 31 | memory-deny-write-execute |
30 | noexec ${HOME} | ||
31 | noexec /tmp | ||
diff --git a/etc/nemo.profile b/etc/nemo.profile index 2364ea4a7..a23ba1700 100644 --- a/etc/nemo.profile +++ b/etc/nemo.profile | |||
@@ -21,6 +21,7 @@ noblacklist /usr/local/lib/python3* | |||
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
24 | include disable-exec.inc | ||
24 | include disable-interpreters.inc | 25 | include disable-interpreters.inc |
25 | include disable-passwdmgr.inc | 26 | include disable-passwdmgr.inc |
26 | 27 | ||
@@ -38,5 +39,3 @@ protocol unix,inet,inet6 | |||
38 | seccomp | 39 | seccomp |
39 | shell none | 40 | shell none |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile index 771430337..2c23a4868 100644 --- a/etc/nethack-vultures.profile +++ b/etc/nethack-vultures.profile | |||
@@ -12,6 +12,7 @@ noblacklist /var/log | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-dev | |||
43 | private-tmp | 44 | private-tmp |
44 | writable-var | 45 | writable-var |
45 | 46 | ||
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/nethack.profile b/etc/nethack.profile index 8f63a133a..5375d2f4f 100644 --- a/etc/nethack.profile +++ b/etc/nethack.profile | |||
@@ -11,6 +11,7 @@ noblacklist /var/games/nethack | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-tmp | |||
43 | writable-var | 44 | writable-var |
44 | 45 | ||
45 | #memory-deny-write-execute | 46 | #memory-deny-write-execute |
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/neverball.profile b/etc/neverball.profile index 34493485a..84c634549 100644 --- a/etc/neverball.profile +++ b/etc/neverball.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.neverball | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-bin neverball | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/nheko.profile b/etc/nheko.profile index ea99b2f5a..2dfddf872 100644 --- a/etc/nheko.profile +++ b/etc/nheko.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.cache/nheko/nheko | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -40,5 +41,3 @@ disable-mnt | |||
40 | private-bin nheko | 41 | private-bin nheko |
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/nitroshare.profile b/etc/nitroshare.profile index 4d2c5bdf2..7aba69490 100644 --- a/etc/nitroshare.profile +++ b/etc/nitroshare.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -48,5 +49,3 @@ private-etc alternatives,ca-certificates,dconf,fonts,hostname,hosts,ld.so.cache, | |||
48 | private-tmp | 49 | private-tmp |
49 | 50 | ||
50 | # memory-deny-write-execute | 51 | # memory-deny-write-execute |
51 | noexec ${HOME} | ||
52 | noexec /tmp | ||
diff --git a/etc/nomacs.profile b/etc/nomacs.profile index 4bda5cbce..fd154b1c4 100644 --- a/etc/nomacs.profile +++ b/etc/nomacs.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${PICTURES} | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-etc alternatives,hosts,ca-certificates,ssl,pki,crypto-policies,resolv.co | |||
44 | private-tmp | 45 | private-tmp |
45 | 46 | ||
46 | memory-deny-write-execute | 47 | memory-deny-write-execute |
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/nyx.profile b/etc/nyx.profile index 2a078ef0f..ed39283b2 100644 --- a/etc/nyx.profile +++ b/etc/nyx.profile | |||
@@ -17,6 +17,7 @@ whitelist ${HOME}/.nyx | |||
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
@@ -47,5 +48,3 @@ private-opt none | |||
47 | private-srv none | 48 | private-srv none |
48 | private-tmp | 49 | private-tmp |
49 | 50 | ||
50 | noexec ${HOME} | ||
51 | noexec /tmp | ||
diff --git a/etc/obs.profile b/etc/obs.profile index 5e3ce092a..1f02efc7f 100644 --- a/etc/obs.profile +++ b/etc/obs.profile | |||
@@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* | |||
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | ||
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-cache | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/onionshare-gui.profile b/etc/onionshare-gui.profile index 75f6194a6..3ee78c59d 100644 --- a/etc/onionshare-gui.profile +++ b/etc/onionshare-gui.profile | |||
@@ -14,6 +14,7 @@ noblacklist /usr/local/lib/python3* | |||
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
17 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 20 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-dev | |||
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | memory-deny-write-execute | 43 | memory-deny-write-execute |
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/orage.profile b/etc/orage.profile index 29b8ef749..2c55ab909 100644 --- a/etc/orage.profile +++ b/etc/orage.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/orage | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-cache | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/pdfmod.profile b/etc/pdfmod.profile index 3b6116c85..177070e83 100644 --- a/etc/pdfmod.profile +++ b/etc/pdfmod.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -40,5 +41,3 @@ shell none | |||
40 | private-dev | 41 | private-dev |
41 | private-tmp | 42 | private-tmp |
42 | 43 | ||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile index 4eed98e88..98dcce0b7 100644 --- a/etc/pdfsam.profile +++ b/etc/pdfsam.profile | |||
@@ -17,6 +17,7 @@ noblacklist /usr/share/java | |||
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-cache | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/peek.profile b/etc/peek.profile index 06e7b3e62..fd836560e 100644 --- a/etc/peek.profile +++ b/etc/peek.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${VIDEOS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-dev | |||
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | memory-deny-write-execute | 41 | memory-deny-write-execute |
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/picard.profile b/etc/picard.profile index 26002e14d..b756ed629 100644 --- a/etc/picard.profile +++ b/etc/picard.profile | |||
@@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* | |||
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | ||
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
@@ -44,5 +45,3 @@ shell none | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/pithos.profile b/etc/pithos.profile index 6492ace7b..d6a0a7822 100644 --- a/etc/pithos.profile +++ b/etc/pithos.profile | |||
@@ -16,6 +16,7 @@ noblacklist /usr/local/lib/python3* | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 22 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-bin pithos,env,python* | |||
43 | private-dev | 44 | private-dev |
44 | private-tmp | 45 | private-tmp |
45 | 46 | ||
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/pitivi.profile b/etc/pitivi.profile index ac7922833..83f5ccbb9 100644 --- a/etc/pitivi.profile +++ b/etc/pitivi.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -42,5 +43,3 @@ shell none | |||
42 | private-dev | 43 | private-dev |
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/polari.profile b/etc/polari.profile index 5fa717cb3..b9f81eece 100644 --- a/etc/polari.profile +++ b/etc/polari.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
14 | 15 | ||
@@ -45,5 +46,3 @@ disable-mnt | |||
45 | private-dev | 46 | private-dev |
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
48 | noexec ${HOME} | ||
49 | noexec /tmp | ||
diff --git a/etc/ppsspp.profile b/etc/ppsspp.profile index 0c8bfa770..480a03e49 100644 --- a/etc/ppsspp.profile +++ b/etc/ppsspp.profile | |||
@@ -13,6 +13,7 @@ noblacklist /usr/lib/llvm* | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -41,5 +42,3 @@ private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf | |||
41 | private-opt ppsspp | 42 | private-opt ppsspp |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/pragha.profile b/etc/pragha.profile index a595caee9..4e6840636 100644 --- a/etc/pragha.profile +++ b/etc/pragha.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${MUSIC} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-dev | |||
35 | private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id | 36 | private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile index 7ec789440..087f90966 100644 --- a/etc/psi-plus.profile +++ b/etc/psi-plus.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/psi+ | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -42,5 +43,3 @@ disable-mnt | |||
42 | private-dev | 43 | private-dev |
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/pybitmessage.profile b/etc/pybitmessage.profile index 63ae156a1..28ab8caa6 100644 --- a/etc/pybitmessage.profile +++ b/etc/pybitmessage.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 24 | include disable-programs.inc |
24 | include disable-interpreters.inc | 25 | include disable-interpreters.inc |
@@ -47,5 +48,3 @@ private-dev | |||
47 | private-etc alternatives,PyBitmessage,PyBitmessage.conf,Trolltech.conf,fonts,gtk-2.0,hosts,ld.so.cache,ld.so.preload,localtime,pki,resolv.conf,selinux,sni-qt.conf,system-fips,xdg,ca-certificates,ssl,pki,crypto-policies | 48 | private-etc alternatives,PyBitmessage,PyBitmessage.conf,Trolltech.conf,fonts,gtk-2.0,hosts,ld.so.cache,ld.so.preload,localtime,pki,resolv.conf,selinux,sni-qt.conf,system-fips,xdg,ca-certificates,ssl,pki,crypto-policies |
48 | private-tmp | 49 | private-tmp |
49 | 50 | ||
50 | noexec ${HOME} | ||
51 | noexec /tmp | ||
diff --git a/etc/qlipper.profile b/etc/qlipper.profile index ec0b6c64d..fb9dca48f 100644 --- a/etc/qlipper.profile +++ b/etc/qlipper.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Qlipper | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-cache | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/qmmp.profile b/etc/qmmp.profile index 66c27a585..f786e73b7 100644 --- a/etc/qmmp.profile +++ b/etc/qmmp.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${MUSIC} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
16 | include disable-xdg.inc | 17 | include disable-xdg.inc |
@@ -34,5 +35,3 @@ private-bin qmmp,tar,unzip,bzip2,gzip | |||
34 | private-dev | 35 | private-dev |
35 | private-tmp | 36 | private-tmp |
36 | 37 | ||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/quiterss.profile b/etc/quiterss.profile index e6c441e27..41c84425b 100644 --- a/etc/quiterss.profile +++ b/etc/quiterss.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.local/share/QuiteRss | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -49,5 +50,3 @@ private-bin quiterss | |||
49 | private-dev | 50 | private-dev |
50 | # private-etc alternatives,X11,ssl,pki,ca-certificates,crypto-policies | 51 | # private-etc alternatives,X11,ssl,pki,ca-certificates,crypto-policies |
51 | 52 | ||
52 | noexec ${HOME} | ||
53 | noexec /tmp | ||
diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile index eef0c8fa6..1b23b2baf 100644 --- a/etc/qupzilla.profile +++ b/etc/qupzilla.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/qupzilla | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-dev | |||
37 | # private-etc alternatives,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,adobe,mime.types,mailcap,asound.conf,pulse,machine-id,ca-certificates,ssl,pki,crypto-policies | 38 | # private-etc alternatives,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,adobe,mime.types,mailcap,asound.conf,pulse,machine-id,ca-certificates,ssl,pki,crypto-policies |
38 | # private-tmp - interferes with the opening of downloaded files | 39 | # private-tmp - interferes with the opening of downloaded files |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/redeclipse.profile b/etc/redeclipse.profile index 278514538..bb1ad56d3 100644 --- a/etc/redeclipse.profile +++ b/etc/redeclipse.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.redeclipse | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -36,5 +37,3 @@ disable-mnt | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/remmina.profile b/etc/remmina.profile index 888f3819f..a77f2d8aa 100644 --- a/etc/remmina.profile +++ b/etc/remmina.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.ssh | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-cache | |||
37 | private-dev | 38 | private-dev |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/ricochet.profile b/etc/ricochet.profile index a67d6b7ca..3cb30c459 100644 --- a/etc/ricochet.profile +++ b/etc/ricochet.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/Ricochet | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-bin ricochet,tor | |||
38 | private-dev | 39 | private-dev |
39 | #private-etc alternatives,fonts,tor,X11,alternatives,ca-certificates,ssl,pki,crypto-policies | 40 | #private-etc alternatives,fonts,tor,X11,alternatives,ca-certificates,ssl,pki,crypto-policies |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/ristretto.profile b/etc/ristretto.profile index e6b22b914..8fcbb203c 100644 --- a/etc/ristretto.profile +++ b/etc/ristretto.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.steam | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-cache | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/sayonara.profile b/etc/sayonara.profile index ce86c80f9..8f0544f33 100644 --- a/etc/sayonara.profile +++ b/etc/sayonara.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${MUSIC} | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
15 | include disable-xdg.inc | 16 | include disable-xdg.inc |
@@ -32,5 +33,3 @@ private-bin sayonara | |||
32 | private-dev | 33 | private-dev |
33 | private-tmp | 34 | private-tmp |
34 | 35 | ||
35 | noexec ${HOME} | ||
36 | noexec /tmp | ||
diff --git a/etc/scallion.profile b/etc/scallion.profile index b4d0ef240..232ec4346 100644 --- a/etc/scallion.profile +++ b/etc/scallion.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${PATH}/openssl-1.0 | |||
13 | noblacklist ${DOCUMENTS} | 13 | noblacklist ${DOCUMENTS} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -40,6 +41,3 @@ disable-mnt | |||
40 | private | 41 | private |
41 | private-dev | 42 | private-dev |
42 | private-tmp | 43 | private-tmp |
43 | |||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/scribus.profile b/etc/scribus.profile index 5bec43d85..d8dc7b0e0 100644 --- a/etc/scribus.profile +++ b/etc/scribus.profile | |||
@@ -36,6 +36,7 @@ noblacklist /usr/local/lib/python3* | |||
36 | 36 | ||
37 | include disable-common.inc | 37 | include disable-common.inc |
38 | include disable-devel.inc | 38 | include disable-devel.inc |
39 | include disable-exec.inc | ||
39 | include disable-interpreters.inc | 40 | include disable-interpreters.inc |
40 | include disable-passwdmgr.inc | 41 | include disable-passwdmgr.inc |
41 | include disable-programs.inc | 42 | include disable-programs.inc |
@@ -63,5 +64,3 @@ tracelog | |||
63 | private-dev | 64 | private-dev |
64 | private-tmp | 65 | private-tmp |
65 | 66 | ||
66 | noexec ${HOME} | ||
67 | noexec /tmp | ||
diff --git a/etc/sdat2img.profile b/etc/sdat2img.profile index d78b51766..485326fcc 100644 --- a/etc/sdat2img.profile +++ b/etc/sdat2img.profile | |||
@@ -16,6 +16,7 @@ noblacklist /usr/local/lib/python3* | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 22 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-bin sdat2img,env,python* | |||
43 | private-cache | 44 | private-cache |
44 | private-dev | 45 | private-dev |
45 | 46 | ||
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/shellcheck.profile b/etc/shellcheck.profile index 429633a6d..b8974e416 100644 --- a/etc/shellcheck.profile +++ b/etc/shellcheck.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-dev | |||
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | memory-deny-write-execute | 42 | memory-deny-write-execute |
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/silentarmy.profile b/etc/silentarmy.profile index 5ef96a4ea..7aeb2909b 100644 --- a/etc/silentarmy.profile +++ b/etc/silentarmy.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | # include disable-devel.inc | 10 | # include disable-devel.inc |
11 | include disable-exec.inc | ||
11 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-dev | |||
36 | private-opt none | 37 | private-opt none |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/skype.profile b/etc/skype.profile index 09b9baa11..55057c546 100644 --- a/etc/skype.profile +++ b/etc/skype.profile | |||
@@ -9,8 +9,10 @@ noblacklist ${HOME}/.Skype | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
14 | include disable-programs.inc | 16 | include disable-programs.inc |
15 | 17 | ||
16 | caps.drop all | 18 | caps.drop all |
@@ -31,5 +33,3 @@ private-cache | |||
31 | private-dev | 33 | private-dev |
32 | private-tmp | 34 | private-tmp |
33 | 35 | ||
34 | noexec ${HOME} | ||
35 | noexec /tmp | ||
diff --git a/etc/slashem.profile b/etc/slashem.profile index 0a372ce5f..011698e1f 100644 --- a/etc/slashem.profile +++ b/etc/slashem.profile | |||
@@ -11,6 +11,7 @@ noblacklist /var/games/slashem | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-tmp | |||
43 | writable-var | 44 | writable-var |
44 | 45 | ||
45 | #memory-deny-write-execute | 46 | #memory-deny-write-execute |
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/smtube.profile b/etc/smtube.profile index 24f3db40a..1c7c6c0d2 100644 --- a/etc/smtube.profile +++ b/etc/smtube.profile | |||
@@ -17,6 +17,7 @@ noblacklist ${VIDEOS} | |||
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
@@ -41,5 +42,3 @@ shell none | |||
41 | private-dev | 42 | private-dev |
42 | private-tmp | 43 | private-tmp |
43 | 44 | ||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile index b43047401..74582dd2f 100644 --- a/etc/spectre-meltdown-checker.profile +++ b/etc/spectre-meltdown-checker.profile | |||
@@ -20,6 +20,7 @@ noblacklist /usr/share/perl* | |||
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | ||
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
@@ -49,5 +50,3 @@ private-cache | |||
49 | private-tmp | 50 | private-tmp |
50 | 51 | ||
51 | memory-deny-write-execute | 52 | memory-deny-write-execute |
52 | noexec ${HOME} | ||
53 | noexec /tmp | ||
diff --git a/etc/spotify.profile b/etc/spotify.profile index 60d15735d..6f7f6ec85 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile | |||
@@ -16,6 +16,7 @@ noblacklist ${HOME}/.local/share/spotify | |||
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 22 | include disable-programs.inc |
@@ -50,5 +51,3 @@ private-etc alternatives,fonts,group,ld.so.cache,machine-id,pulse,resolv.conf,ho | |||
50 | private-opt spotify | 51 | private-opt spotify |
51 | private-tmp | 52 | private-tmp |
52 | 53 | ||
53 | noexec ${HOME} | ||
54 | noexec /tmp | ||
diff --git a/etc/stellarium.profile b/etc/stellarium.profile index 7d0000fb3..d6df2e0ad 100644 --- a/etc/stellarium.profile +++ b/etc/stellarium.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.stellarium | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -42,5 +43,3 @@ private-bin stellarium | |||
42 | private-dev | 43 | private-dev |
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | noexec ${HOME} | ||
46 | noexec /tmp | ||
diff --git a/etc/surf.profile b/etc/surf.profile index 4fad4a81d..0504b5fe5 100644 --- a/etc/surf.profile +++ b/etc/surf.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.surf | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
15 | 16 | ||
@@ -35,5 +36,3 @@ private-dev | |||
35 | private-etc alternatives,passwd,group,hosts,resolv.conf,fonts,ssl,pki,ca-certificates,crypto-policies | 36 | private-etc alternatives,passwd,group,hosts,resolv.conf,fonts,ssl,pki,ca-certificates,crypto-policies |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/synfigstudio.profile b/etc/synfigstudio.profile index 9ce1bb183..33086a99d 100644 --- a/etc/synfigstudio.profile +++ b/etc/synfigstudio.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.synfig | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-cache | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/teamspeak3.profile b/etc/teamspeak3.profile index 25928882b..8d5917148 100644 --- a/etc/teamspeak3.profile +++ b/etc/teamspeak3.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${PATH}/openssl | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -39,5 +40,3 @@ disable-mnt | |||
39 | private-dev | 40 | private-dev |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/telegram.profile b/etc/telegram.profile index fb2c06a27..e3af5600a 100644 --- a/etc/telegram.profile +++ b/etc/telegram.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/TelegramDesktop | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
15 | 16 | ||
@@ -26,5 +27,3 @@ disable-mnt | |||
26 | private-cache | 27 | private-cache |
27 | private-tmp | 28 | private-tmp |
28 | 29 | ||
29 | noexec ${HOME} | ||
30 | noexec /tmp | ||
diff --git a/etc/tilp.profile b/etc/tilp.profile index 2643c9a84..4d38d5184 100644 --- a/etc/tilp.profile +++ b/etc/tilp.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${HOME}/.tilp | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -32,5 +33,3 @@ private-cache | |||
32 | private-etc alternatives,fonts | 33 | private-etc alternatives,fonts |
33 | private-tmp | 34 | private-tmp |
34 | 35 | ||
35 | noexec ${HOME} | ||
36 | noexec /tmp | ||
diff --git a/etc/tor.profile b/etc/tor.profile index 418352639..e80fbadb0 100644 --- a/etc/tor.profile +++ b/etc/tor.profile | |||
@@ -19,6 +19,7 @@ include globals.local | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -49,5 +50,3 @@ private-dev | |||
49 | private-etc alternatives,tor,passwd,ca-certificates,ssl,pki,crypto-policies | 50 | private-etc alternatives,tor,passwd,ca-certificates,ssl,pki,crypto-policies |
50 | private-tmp | 51 | private-tmp |
51 | 52 | ||
52 | noexec ${HOME} | ||
53 | noexec /tmp | ||
diff --git a/etc/truecraft.profile b/etc/truecraft.profile index ae1d85473..e76d52219 100644 --- a/etc/truecraft.profile +++ b/etc/truecraft.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/truecraft | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -36,5 +37,3 @@ disable-mnt | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/uefitool.profile b/etc/uefitool.profile index 218b41e15..8ab0e9a26 100644 --- a/etc/uefitool.profile +++ b/etc/uefitool.profile | |||
@@ -9,6 +9,7 @@ noblacklist ${DOCUMENTS} | |||
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 15 | include disable-programs.inc |
@@ -35,5 +36,3 @@ private-cache | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/viking.profile b/etc/viking.profile index baf268691..5b6228a94 100644 --- a/etc/viking.profile +++ b/etc/viking.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -34,5 +35,3 @@ shell none | |||
34 | private-dev | 35 | private-dev |
35 | private-tmp | 36 | private-tmp |
36 | 37 | ||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/vym.profile b/etc/vym.profile index bb3f6ac56..fbb53943c 100644 --- a/etc/vym.profile +++ b/etc/vym.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/InSilmaril | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -33,5 +34,3 @@ disable-mnt | |||
33 | private-dev | 34 | private-dev |
34 | private-tmp | 35 | private-tmp |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||
diff --git a/etc/webui-aria2.profile b/etc/webui-aria2.profile index 5bc9c122b..0cd1e05ab 100644 --- a/etc/webui-aria2.profile +++ b/etc/webui-aria2.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${PATH}/node | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -34,5 +35,3 @@ private-cache | |||
34 | private-dev | 35 | private-dev |
35 | private-tmp | 36 | private-tmp |
36 | 37 | ||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/xfce4-dict.profile b/etc/xfce4-dict.profile index 0dc021ef3..bc499bd30 100644 --- a/etc/xfce4-dict.profile +++ b/etc/xfce4-dict.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/xfce4-dict | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -34,5 +35,3 @@ private-cache | |||
34 | private-dev | 35 | private-dev |
35 | private-tmp | 36 | private-tmp |
36 | 37 | ||
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||
diff --git a/etc/xfce4-notes.profile b/etc/xfce4-notes.profile index df1b575b2..4dad1bf7a 100644 --- a/etc/xfce4-notes.profile +++ b/etc/xfce4-notes.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/notes | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-cache | |||
36 | private-dev | 37 | private-dev |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/xmr-stak.profile b/etc/xmr-stak.profile index 99c9676b8..3fbdf66ab 100644 --- a/etc/xmr-stak.profile +++ b/etc/xmr-stak.profile | |||
@@ -10,6 +10,7 @@ noblacklist /usr/lib/llvm* | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-opt cuda | |||
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | memory-deny-write-execute | 46 | memory-deny-write-execute |
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/xonotic.profile b/etc/xonotic.profile index 9d422a01e..09c0639f8 100644 --- a/etc/xonotic.profile +++ b/etc/xonotic.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.xonotic | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -39,5 +40,3 @@ private-dev | |||
39 | private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies,machine-id | 40 | private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies,machine-id |
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | noexec ${HOME} | ||
43 | noexec /tmp | ||
diff --git a/etc/xpdf.profile b/etc/xpdf.profile index 4a82942ad..8c405ba1d 100644 --- a/etc/xpdf.profile +++ b/etc/xpdf.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -38,5 +39,3 @@ shell none | |||
38 | private-dev | 39 | private-dev |
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/zaproxy.profile b/etc/zaproxy.profile index cc572cbfe..dc3164da1 100644 --- a/etc/zaproxy.profile +++ b/etc/zaproxy.profile | |||
@@ -17,6 +17,7 @@ noblacklist /usr/share/java | |||
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
@@ -47,5 +48,3 @@ disable-mnt | |||
47 | private-dev | 48 | private-dev |
48 | private-tmp | 49 | private-tmp |
49 | 50 | ||
50 | noexec ${HOME} | ||
51 | noexec /tmp | ||
diff --git a/etc/zart.profile b/etc/zart.profile index 32df94841..f380e93f0 100644 --- a/etc/zart.profile +++ b/etc/zart.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${PICTURES} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -33,5 +34,3 @@ shell none | |||
33 | private-bin zart,ffmpeg,melt,ffprobe,ffplay | 34 | private-bin zart,ffmpeg,melt,ffprobe,ffplay |
34 | private-dev | 35 | private-dev |
35 | 36 | ||
36 | noexec ${HOME} | ||
37 | noexec /tmp | ||