diff options
Diffstat (limited to 'etc/evince.profile')
-rw-r--r-- | etc/evince.profile | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/etc/evince.profile b/etc/evince.profile index e9b530ece..b784df57c 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -20,7 +20,7 @@ include whitelist-var-common.inc | |||
20 | 20 | ||
21 | caps.drop all | 21 | caps.drop all |
22 | machine-id | 22 | machine-id |
23 | # net none breaks AppArmor on Ubuntu systems | 23 | # net none - breaks AppArmor on Ubuntu systems |
24 | netfilter | 24 | netfilter |
25 | no3d | 25 | no3d |
26 | nodbus | 26 | nodbus |
@@ -39,12 +39,10 @@ tracelog | |||
39 | 39 | ||
40 | private-bin evince,evince-previewer,evince-thumbnailer | 40 | private-bin evince,evince-previewer,evince-thumbnailer |
41 | private-dev | 41 | private-dev |
42 | private-etc alternatives,fonts,machine-id | 42 | private-etc alternatives,fonts,group,machine-id,passwd |
43 | |||
44 | private-lib evince,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libdjvulibre.so.*,libgconf-2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,gconv | 43 | private-lib evince,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libdjvulibre.so.*,libgconf-2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,gconv |
45 | |||
46 | private-tmp | 44 | private-tmp |
47 | 45 | ||
48 | #memory-deny-write-execute - breaks application on Archlinux, issue 1803 | 46 | # memory-deny-write-execute - might break application (https://github.com/netblue30/firejail/issues/1803) |
49 | noexec ${HOME} | 47 | noexec ${HOME} |
50 | noexec /tmp | 48 | noexec /tmp |