diff options
Diffstat (limited to 'etc/exiftool.profile')
-rw-r--r-- | etc/exiftool.profile | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/etc/exiftool.profile b/etc/exiftool.profile index 37e01f8d3..1838ce273 100644 --- a/etc/exiftool.profile +++ b/etc/exiftool.profile | |||
@@ -19,7 +19,10 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | apparmor | ||
22 | caps.drop all | 23 | caps.drop all |
24 | ipc-namespace | ||
25 | machine-id | ||
23 | net none | 26 | net none |
24 | no3d | 27 | no3d |
25 | nodbus | 28 | nodbus |
@@ -36,8 +39,12 @@ seccomp | |||
36 | shell none | 39 | shell none |
37 | tracelog | 40 | tracelog |
38 | 41 | ||
39 | # private-bin exiftool,perl | 42 | private-bin exiftool,perl |
40 | private-cache | 43 | private-cache |
41 | private-dev | 44 | private-dev |
42 | private-etc alternatives | 45 | private-etc alternatives |
43 | private-tmp | 46 | private-tmp |
47 | |||
48 | memory-deny-write-execute | ||
49 | noexec ${HOME} | ||
50 | noexec /tmp | ||