diff options
Diffstat (limited to 'etc/cpio.profile')
-rw-r--r-- | etc/cpio.profile | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/etc/cpio.profile b/etc/cpio.profile index f63e0a552..b6f7e7f9f 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile | |||
@@ -13,14 +13,21 @@ noblacklist /sbin | |||
13 | noblacklist /usr/sbin | 13 | noblacklist /usr/sbin |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | # include disable-devel.inc | ||
17 | include disable-exec.inc | ||
16 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 19 | include disable-programs.inc |
18 | 20 | ||
21 | apparmor | ||
19 | caps.drop all | 22 | caps.drop all |
23 | hostname cpio | ||
24 | ipc-namespace | ||
25 | machine-id | ||
20 | net none | 26 | net none |
21 | no3d | 27 | no3d |
22 | nodbus | 28 | nodbus |
23 | nodvd | 29 | nodvd |
30 | nogroups | ||
24 | nonewprivs | 31 | nonewprivs |
25 | nosound | 32 | nosound |
26 | notv | 33 | notv |
@@ -30,4 +37,7 @@ seccomp | |||
30 | shell none | 37 | shell none |
31 | tracelog | 38 | tracelog |
32 | 39 | ||
40 | private-cache | ||
33 | private-dev | 41 | private-dev |
42 | |||
43 | memory-deny-write-execute | ||