diff options
-rw-r--r-- | etc/checkbashisms.profile | 1 | ||||
-rw-r--r-- | etc/dconf.profile | 1 | ||||
-rw-r--r-- | etc/enchant.profile | 1 | ||||
-rw-r--r-- | etc/file.profile | 2 | ||||
-rw-r--r-- | etc/gconf.profile | 1 | ||||
-rw-r--r-- | etc/hashcat.profile | 1 | ||||
-rw-r--r-- | etc/img2txt.profile | 1 | ||||
-rw-r--r-- | etc/mp3splt.profile | 1 | ||||
-rw-r--r-- | etc/nano.profile | 1 | ||||
-rw-r--r-- | etc/ncdu.profile | 1 | ||||
-rw-r--r-- | etc/pandoc.profile | 1 | ||||
-rw-r--r-- | etc/ranger.profile | 1 | ||||
-rw-r--r-- | etc/spectre-meltdown-checker.profile | 1 |
13 files changed, 12 insertions, 2 deletions
diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile index 1bb9b1860..fe3202cea 100644 --- a/etc/checkbashisms.profile +++ b/etc/checkbashisms.profile | |||
@@ -40,6 +40,7 @@ novideo | |||
40 | protocol unix | 40 | protocol unix |
41 | seccomp | 41 | seccomp |
42 | shell none | 42 | shell none |
43 | x11 none | ||
43 | 44 | ||
44 | private-cache | 45 | private-cache |
45 | private-dev | 46 | private-dev |
diff --git a/etc/dconf.profile b/etc/dconf.profile index cf8b4ab43..81763bd94 100644 --- a/etc/dconf.profile +++ b/etc/dconf.profile | |||
@@ -36,6 +36,7 @@ protocol unix | |||
36 | seccomp | 36 | seccomp |
37 | shell none | 37 | shell none |
38 | tracelog | 38 | tracelog |
39 | x11 none | ||
39 | 40 | ||
40 | disable-mnt | 41 | disable-mnt |
41 | private-bin dconf,gsettings | 42 | private-bin dconf,gsettings |
diff --git a/etc/enchant.profile b/etc/enchant.profile index 288d8799c..d30fb8232 100644 --- a/etc/enchant.profile +++ b/etc/enchant.profile | |||
@@ -35,6 +35,7 @@ protocol unix | |||
35 | seccomp | 35 | seccomp |
36 | shell none | 36 | shell none |
37 | tracelog | 37 | tracelog |
38 | x11 none | ||
38 | 39 | ||
39 | private-bin enchant,enchant-* | 40 | private-bin enchant,enchant-* |
40 | private-cache | 41 | private-cache |
diff --git a/etc/file.profile b/etc/file.profile index 2782960c8..69fa7d8cd 100644 --- a/etc/file.profile +++ b/etc/file.profile | |||
@@ -7,8 +7,6 @@ include file.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-exec.inc | 11 | include disable-exec.inc |
14 | include disable-passwdmgr.inc | 12 | include disable-passwdmgr.inc |
diff --git a/etc/gconf.profile b/etc/gconf.profile index a795afa17..4baf8c957 100644 --- a/etc/gconf.profile +++ b/etc/gconf.profile | |||
@@ -42,6 +42,7 @@ protocol unix | |||
42 | seccomp | 42 | seccomp |
43 | shell none | 43 | shell none |
44 | tracelog | 44 | tracelog |
45 | x11 none | ||
45 | 46 | ||
46 | disable-mnt | 47 | disable-mnt |
47 | private-bin gconf-editor,gconf-merge-*,gconfpkg,gconftool-2,gsettings-*-convert,python2* | 48 | private-bin gconf-editor,gconf-merge-*,gconfpkg,gconftool-2,gsettings-*-convert,python2* |
diff --git a/etc/hashcat.profile b/etc/hashcat.profile index 4ed099fae..da59984d7 100644 --- a/etc/hashcat.profile +++ b/etc/hashcat.profile | |||
@@ -33,6 +33,7 @@ novideo | |||
33 | protocol unix | 33 | protocol unix |
34 | seccomp | 34 | seccomp |
35 | shell none | 35 | shell none |
36 | x11 none | ||
36 | 37 | ||
37 | disable-mnt | 38 | disable-mnt |
38 | private-bin hashcat | 39 | private-bin hashcat |
diff --git a/etc/img2txt.profile b/etc/img2txt.profile index a36af8abf..19b4e1ed7 100644 --- a/etc/img2txt.profile +++ b/etc/img2txt.profile | |||
@@ -34,6 +34,7 @@ protocol unix | |||
34 | seccomp | 34 | seccomp |
35 | shell none | 35 | shell none |
36 | tracelog | 36 | tracelog |
37 | x11 none | ||
37 | 38 | ||
38 | # private-bin img2txt | 39 | # private-bin img2txt |
39 | private-cache | 40 | private-cache |
diff --git a/etc/mp3splt.profile b/etc/mp3splt.profile index 6cf6f0409..95173a890 100644 --- a/etc/mp3splt.profile +++ b/etc/mp3splt.profile | |||
@@ -37,6 +37,7 @@ protocol unix | |||
37 | seccomp | 37 | seccomp |
38 | shell none | 38 | shell none |
39 | tracelog | 39 | tracelog |
40 | x11 none | ||
40 | 41 | ||
41 | disable-mnt | 42 | disable-mnt |
42 | private-bin flacsplt,mp3splt,mp3wrap,oggsplt | 43 | private-bin flacsplt,mp3splt,mp3wrap,oggsplt |
diff --git a/etc/nano.profile b/etc/nano.profile index 50e251d49..30a6e03e7 100644 --- a/etc/nano.profile +++ b/etc/nano.profile | |||
@@ -35,6 +35,7 @@ protocol unix | |||
35 | seccomp | 35 | seccomp |
36 | shell none | 36 | shell none |
37 | tracelog | 37 | tracelog |
38 | x11 none | ||
38 | 39 | ||
39 | # disable-mnt | 40 | # disable-mnt |
40 | private-bin nano,rnano | 41 | private-bin nano,rnano |
diff --git a/etc/ncdu.profile b/etc/ncdu.profile index c18e1c4bf..0d7915839 100644 --- a/etc/ncdu.profile +++ b/etc/ncdu.profile | |||
@@ -24,6 +24,7 @@ novideo | |||
24 | protocol unix | 24 | protocol unix |
25 | seccomp | 25 | seccomp |
26 | shell none | 26 | shell none |
27 | x11 none | ||
27 | 28 | ||
28 | private-dev | 29 | private-dev |
29 | # private-tmp | 30 | # private-tmp |
diff --git a/etc/pandoc.profile b/etc/pandoc.profile index 687a31cc2..788324855 100644 --- a/etc/pandoc.profile +++ b/etc/pandoc.profile | |||
@@ -39,6 +39,7 @@ protocol unix | |||
39 | seccomp | 39 | seccomp |
40 | shell none | 40 | shell none |
41 | tracelog | 41 | tracelog |
42 | x11 none | ||
42 | 43 | ||
43 | disable-mnt | 44 | disable-mnt |
44 | private-bin context,latex,mktexfmt,pandoc,pdflatex,pdfroff,prince,weasyprint,wkhtmltopdf | 45 | private-bin context,latex,mktexfmt,pandoc,pdflatex,pdfroff,prince,weasyprint,wkhtmltopdf |
diff --git a/etc/ranger.profile b/etc/ranger.profile index 13e8911ea..4bbc3ea56 100644 --- a/etc/ranger.profile +++ b/etc/ranger.profile | |||
@@ -36,5 +36,6 @@ nou2f | |||
36 | novideo | 36 | novideo |
37 | protocol unix | 37 | protocol unix |
38 | seccomp | 38 | seccomp |
39 | #x11 none | ||
39 | 40 | ||
40 | private-dev | 41 | private-dev |
diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile index edbe0e772..ca2c2b435 100644 --- a/etc/spectre-meltdown-checker.profile +++ b/etc/spectre-meltdown-checker.profile | |||
@@ -38,6 +38,7 @@ novideo | |||
38 | protocol unix | 38 | protocol unix |
39 | seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@reboot,@resources,@swap | 39 | seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@reboot,@resources,@swap |
40 | shell none | 40 | shell none |
41 | x11 none | ||
41 | 42 | ||
42 | disable-mnt | 43 | disable-mnt |
43 | private | 44 | private |