5 files changed, 16 insertions, 4 deletions

diff --git a/README b/README
index 6f3342650..8aa1bf691 100644
--- a/README
+++ b/README
@@ -547,11 +547,11 @@ rusty-snake (https://github.com/rusty-snake)
         - added profiles: kid3-qt, kid3-cli, anki, utox
         - fixed profiles: kdenlive, bibletime, rhythmbox, gajim, seahorse
         - fixed profiles: libreoffice, gnome-maps, wget, seahorse-tool
-        - fixed profiles: gnome-logs, klavaro
+        - fixed profiles: gnome-logs, klavaro, default
         - hardened profiles: disable-common.inc, disable-programs.inc
         - hardened profiles: gajim, evince, ffmpeg, feh-network.inc, qtox
         - hardened profiles: gnome-clocks, meld, minetest, youtube-dl
-        - hardened profiles: bibletime, whois
+        - hardened profiles: bibletime, whois, etr, display, feh
         - gnome-mpv was renamed to celluloid
         - updates for ~/.cargo and ~/.python-history
 Salvo 'LtWorf' Tomaselli (https://github.com/ltworf)
diff --git a/etc/default.profile b/etc/default.profile
index 3eacf9546..95a6e8095 100644
--- a/etc/default.profile
+++ b/etc/default.profile
@@ -19,6 +19,8 @@ include disable-programs.inc
 # apparmor
 caps.drop all
 # ipc-namespace
+# machine-id
+# net none
 netfilter
 # no3d
 # nodbus
@@ -33,6 +35,7 @@ noroot
 protocol unix,inet,inet6
 seccomp
 # shell none
+# tracelog
 
 # disable-mnt
 # private
diff --git a/etc/display.profile b/etc/display.profile
index e66fa3ae9..0bab32db1 100644
--- a/etc/display.profile
+++ b/etc/display.profile
@@ -17,6 +17,7 @@ noblacklist /usr/local/lib/python3*
 
 include disable-common.inc
 include disable-devel.inc
+include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
diff --git a/etc/etr.profile b/etc/etr.profile
index cf13a42de..d93d3de63 100644
--- a/etc/etr.profile
+++ b/etc/etr.profile
@@ -8,14 +8,18 @@ include globals.local
 noblacklist ${HOME}/.etr
 
 include disable-common.inc
+include disable-exec.inc
+include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
+include disable-xdg.inc
 
 mkdir ${HOME}/.etr
 whitelist ${HOME}/.etr
 include whitelist-common.inc
 include whitelist-var-common.inc
 
+apparmor
 caps.drop all
 net none
 nodbus
@@ -28,8 +32,11 @@ nou2f
 protocol unix,netlink
 seccomp
 shell none
+tracelog
 
-# private-bin etr
+disable-mnt
+private-bin etr
+private-cache
 private-dev
-# private-etc alternatives
+# private-etc alternatives,drirc,machine-id,openal
 private-tmp
diff --git a/etc/feh.profile b/etc/feh.profile
index f020bace5..6a8071c28 100644
--- a/etc/feh.profile
+++ b/etc/feh.profile
@@ -8,6 +8,7 @@ include globals.local
 
 include disable-common.inc
 include disable-devel.inc
+include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc