diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/QMediathekView.profile | 2 | ||||
-rw-r--r-- | etc/audacious.profile | 1 | ||||
-rw-r--r-- | etc/baloo_file.profile | 2 | ||||
-rw-r--r-- | etc/calligra.profile | 1 | ||||
-rw-r--r-- | etc/gwenview.profile | 1 | ||||
-rw-r--r-- | etc/k3b.profile | 1 | ||||
-rw-r--r-- | etc/konversation.profile | 2 | ||||
-rw-r--r-- | etc/krita.profile | 1 | ||||
-rw-r--r-- | etc/kwin_x11.profile | 1 | ||||
-rw-r--r-- | etc/mediathekview.profile | 3 |
10 files changed, 15 insertions, 0 deletions
diff --git a/etc/QMediathekView.profile b/etc/QMediathekView.profile index f969cd855..0cc6b6cb6 100644 --- a/etc/QMediathekView.profile +++ b/etc/QMediathekView.profile | |||
@@ -17,12 +17,14 @@ noblacklist ${HOME}/.config/xplayer | |||
17 | noblacklist ${HOME}/.local/share/totem | 17 | noblacklist ${HOME}/.local/share/totem |
18 | noblacklist ${HOME}/.local/share/xplayer | 18 | noblacklist ${HOME}/.local/share/xplayer |
19 | noblacklist ${HOME}/.mplayer | 19 | noblacklist ${HOME}/.mplayer |
20 | noblacklist ${VIDEOS} | ||
20 | 21 | ||
21 | include disable-common.inc | 22 | include disable-common.inc |
22 | include disable-devel.inc | 23 | include disable-devel.inc |
23 | include disable-interpreters.inc | 24 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
27 | include disable-xdg.inc | ||
26 | 28 | ||
27 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
28 | 30 | ||
diff --git a/etc/audacious.profile b/etc/audacious.profile index 93a2f4b3e..4ca886579 100644 --- a/etc/audacious.profile +++ b/etc/audacious.profile | |||
@@ -34,6 +34,7 @@ seccomp | |||
34 | shell none | 34 | shell none |
35 | tracelog | 35 | tracelog |
36 | 36 | ||
37 | private-cache | ||
37 | # private-bin audacious | 38 | # private-bin audacious |
38 | private-dev | 39 | private-dev |
39 | private-tmp | 40 | private-tmp |
diff --git a/etc/baloo_file.profile b/etc/baloo_file.profile index e094945b7..875bc7989 100644 --- a/etc/baloo_file.profile +++ b/etc/baloo_file.profile | |||
@@ -26,6 +26,7 @@ include disable-programs.inc | |||
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
28 | caps.drop all | 28 | caps.drop all |
29 | netfilter | ||
29 | no3d | 30 | no3d |
30 | nodvd | 31 | nodvd |
31 | nogroups | 32 | nogroups |
@@ -41,6 +42,7 @@ seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fano | |||
41 | shell none | 42 | shell none |
42 | # x11 xorg | 43 | # x11 xorg |
43 | 44 | ||
45 | private-cache | ||
44 | private-bin baloo_file,baloo_file_extractor,baloo_filemetadata_temp_extractor,kbuildsycoca4 | 46 | private-bin baloo_file,baloo_file_extractor,baloo_filemetadata_temp_extractor,kbuildsycoca4 |
45 | private-dev | 47 | private-dev |
46 | private-tmp | 48 | private-tmp |
diff --git a/etc/calligra.profile b/etc/calligra.profile index 84a60a196..7054739c8 100644 --- a/etc/calligra.profile +++ b/etc/calligra.profile | |||
@@ -15,6 +15,7 @@ include disable-programs.inc | |||
15 | caps.drop all | 15 | caps.drop all |
16 | ipc-namespace | 16 | ipc-namespace |
17 | # net none | 17 | # net none |
18 | netfilter | ||
18 | # nodbus | 19 | # nodbus |
19 | nodvd | 20 | nodvd |
20 | nogroups | 21 | nogroups |
diff --git a/etc/gwenview.profile b/etc/gwenview.profile index 6deabbd8b..e90578333 100644 --- a/etc/gwenview.profile +++ b/etc/gwenview.profile | |||
@@ -28,6 +28,7 @@ include whitelist-var-common.inc | |||
28 | apparmor | 28 | apparmor |
29 | caps.drop all | 29 | caps.drop all |
30 | # net none | 30 | # net none |
31 | netfilter | ||
31 | # nodbus | 32 | # nodbus |
32 | nodvd | 33 | nodvd |
33 | nogroups | 34 | nogroups |
diff --git a/etc/k3b.profile b/etc/k3b.profile index 8c599d0ca..60da458ab 100644 --- a/etc/k3b.profile +++ b/etc/k3b.profile | |||
@@ -21,6 +21,7 @@ include disable-xdg.inc | |||
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
24 | netfilter | ||
24 | no3d | 25 | no3d |
25 | nonewprivs | 26 | nonewprivs |
26 | noroot | 27 | noroot |
diff --git a/etc/konversation.profile b/etc/konversation.profile index aead198b0..77e09fafb 100644 --- a/etc/konversation.profile +++ b/etc/konversation.profile | |||
@@ -15,6 +15,7 @@ include disable-devel.inc | |||
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | ||
18 | 19 | ||
19 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
20 | 21 | ||
@@ -32,6 +33,7 @@ seccomp | |||
32 | shell none | 33 | shell none |
33 | tracelog | 34 | tracelog |
34 | 35 | ||
36 | private-cache | ||
35 | private-bin konversation,kbuildsycoca4 | 37 | private-bin konversation,kbuildsycoca4 |
36 | private-dev | 38 | private-dev |
37 | private-tmp | 39 | private-tmp |
diff --git a/etc/krita.profile b/etc/krita.profile index bd02522f6..3313106a2 100644 --- a/etc/krita.profile +++ b/etc/krita.profile | |||
@@ -28,6 +28,7 @@ apparmor | |||
28 | caps.drop all | 28 | caps.drop all |
29 | ipc-namespace | 29 | ipc-namespace |
30 | # net none | 30 | # net none |
31 | netfilter | ||
31 | # nodbus | 32 | # nodbus |
32 | nodvd | 33 | nodvd |
33 | nogroups | 34 | nogroups |
diff --git a/etc/kwin_x11.profile b/etc/kwin_x11.profile index 4cb489577..653283150 100644 --- a/etc/kwin_x11.profile +++ b/etc/kwin_x11.profile | |||
@@ -15,6 +15,7 @@ include disable-devel.inc | |||
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | ||
18 | 19 | ||
19 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
20 | 21 | ||
diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile index 06e140990..a438634f3 100644 --- a/etc/mediathekview.profile +++ b/etc/mediathekview.profile | |||
@@ -16,6 +16,7 @@ noblacklist ${HOME}/.local/share/totem | |||
16 | noblacklist ${HOME}/.local/share/xplayer | 16 | noblacklist ${HOME}/.local/share/xplayer |
17 | noblacklist ${HOME}/.mediathek3 | 17 | noblacklist ${HOME}/.mediathek3 |
18 | noblacklist ${HOME}/.mplayer | 18 | noblacklist ${HOME}/.mplayer |
19 | noblacklist ${VIDEOS} | ||
19 | 20 | ||
20 | # Allow access to java | 21 | # Allow access to java |
21 | noblacklist ${PATH}/java | 22 | noblacklist ${PATH}/java |
@@ -28,6 +29,7 @@ include disable-devel.inc | |||
28 | include disable-interpreters.inc | 29 | include disable-interpreters.inc |
29 | include disable-passwdmgr.inc | 30 | include disable-passwdmgr.inc |
30 | include disable-programs.inc | 31 | include disable-programs.inc |
32 | include disable-xdg.inc | ||
31 | 33 | ||
32 | include whitelist-var-common.inc | 34 | include whitelist-var-common.inc |
33 | 35 | ||
@@ -44,6 +46,7 @@ protocol unix,inet,inet6 | |||
44 | seccomp | 46 | seccomp |
45 | tracelog | 47 | tracelog |
46 | 48 | ||
49 | private-cache | ||
47 | private-dev | 50 | private-dev |
48 | private-tmp | 51 | private-tmp |
49 | 52 | ||