diff options
-rw-r--r-- | etc/easystroke.profile | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/etc/easystroke.profile b/etc/easystroke.profile index 44156f97e..42529d302 100644 --- a/etc/easystroke.profile +++ b/etc/easystroke.profile | |||
@@ -10,12 +10,14 @@ noblacklist ${HOME}/.easystroke | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | ||
16 | 18 | ||
19 | apparmor | ||
17 | caps.drop all | 20 | caps.drop all |
18 | ipc-namespace | ||
19 | machine-id | 21 | machine-id |
20 | net none | 22 | net none |
21 | no3d | 23 | no3d |
@@ -33,13 +35,13 @@ seccomp | |||
33 | shell none | 35 | shell none |
34 | 36 | ||
35 | disable-mnt | 37 | disable-mnt |
36 | private-bin easystroke,bash,sh | 38 | # breaks custom shell command functionality |
39 | #private-bin bash,easystroke,sh | ||
37 | private-cache | 40 | private-cache |
38 | private-dev | 41 | private-dev |
39 | private-etc alternatives,fonts | 42 | private-etc alternatives,fonts,group,passwd |
40 | private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* | 43 | # breaks custom shell command functionality |
44 | #private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* | ||
41 | private-tmp | 45 | private-tmp |
42 | 46 | ||
43 | memory-deny-write-execute | 47 | memory-deny-write-execute |
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||