diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/7z.profile | 3 | ||||
-rw-r--r-- | etc/atool.profile | 3 | ||||
-rw-r--r-- | etc/cpio.profile | 3 | ||||
-rw-r--r-- | etc/exiftool.profile | 3 | ||||
-rw-r--r-- | etc/gzip.profile | 3 | ||||
-rw-r--r-- | etc/highlight.profile | 3 | ||||
-rw-r--r-- | etc/less.profile | 3 | ||||
-rw-r--r-- | etc/mediainfo.profile | 3 | ||||
-rw-r--r-- | etc/odt2txt.profile | 3 | ||||
-rw-r--r-- | etc/patch.profile | 1 | ||||
-rw-r--r-- | etc/pdftotext.profile | 3 | ||||
-rw-r--r-- | etc/shellcheck.profile | 1 | ||||
-rw-r--r-- | etc/strings.profile | 3 | ||||
-rw-r--r-- | etc/tar.profile | 3 | ||||
-rw-r--r-- | etc/unrar.profile | 3 | ||||
-rw-r--r-- | etc/unzip.profile | 3 | ||||
-rw-r--r-- | etc/uudeview.profile | 1 | ||||
-rw-r--r-- | etc/xzdec.profile | 3 |
18 files changed, 18 insertions, 30 deletions
diff --git a/etc/7z.profile b/etc/7z.profile index ee2b493f8..15e99e936 100644 --- a/etc/7z.profile +++ b/etc/7z.profile | |||
@@ -6,8 +6,6 @@ include 7z.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | ||
10 | |||
11 | include disable-common.inc | 9 | include disable-common.inc |
12 | include disable-devel.inc | 10 | include disable-devel.inc |
13 | include disable-exec.inc | 11 | include disable-exec.inc |
@@ -33,5 +31,6 @@ protocol unix | |||
33 | seccomp | 31 | seccomp |
34 | shell none | 32 | shell none |
35 | tracelog | 33 | tracelog |
34 | x11 none | ||
36 | 35 | ||
37 | private-dev | 36 | private-dev |
diff --git a/etc/atool.profile b/etc/atool.profile index 7bcfdb935..c9d950259 100644 --- a/etc/atool.profile +++ b/etc/atool.profile | |||
@@ -10,8 +10,6 @@ include globals.local | |||
10 | # Allow perl (blacklisted by disable-interpreters.inc) | 10 | # Allow perl (blacklisted by disable-interpreters.inc) |
11 | include allow-perl.inc | 11 | include allow-perl.inc |
12 | 12 | ||
13 | blacklist /tmp/.X11-unix | ||
14 | |||
15 | include disable-common.inc | 13 | include disable-common.inc |
16 | # include disable-devel.inc | 14 | # include disable-devel.inc |
17 | include disable-exec.inc | 15 | include disable-exec.inc |
@@ -40,6 +38,7 @@ protocol unix | |||
40 | seccomp | 38 | seccomp |
41 | shell none | 39 | shell none |
42 | tracelog | 40 | tracelog |
41 | x11 none | ||
43 | 42 | ||
44 | # private-bin atool,perl | 43 | # private-bin atool,perl |
45 | private-cache | 44 | private-cache |
diff --git a/etc/cpio.profile b/etc/cpio.profile index 0bb45f5cd..17a765700 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile | |||
@@ -10,8 +10,6 @@ include globals.local | |||
10 | noblacklist /sbin | 10 | noblacklist /sbin |
11 | noblacklist /usr/sbin | 11 | noblacklist /usr/sbin |
12 | 12 | ||
13 | blacklist /tmp/.X11-unix | ||
14 | |||
15 | include disable-common.inc | 13 | include disable-common.inc |
16 | # include disable-devel.inc | 14 | # include disable-devel.inc |
17 | include disable-exec.inc | 15 | include disable-exec.inc |
@@ -36,6 +34,7 @@ novideo | |||
36 | seccomp | 34 | seccomp |
37 | shell none | 35 | shell none |
38 | tracelog | 36 | tracelog |
37 | x11 none | ||
39 | 38 | ||
40 | private-cache | 39 | private-cache |
41 | private-dev | 40 | private-dev |
diff --git a/etc/exiftool.profile b/etc/exiftool.profile index 52e090b89..e76a4ca4c 100644 --- a/etc/exiftool.profile +++ b/etc/exiftool.profile | |||
@@ -9,8 +9,6 @@ include globals.local | |||
9 | # Allow perl (blacklisted by disable-interpreters.inc) | 9 | # Allow perl (blacklisted by disable-interpreters.inc) |
10 | include allow-perl.inc | 10 | include allow-perl.inc |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | ||
13 | |||
14 | include disable-common.inc | 12 | include disable-common.inc |
15 | include disable-devel.inc | 13 | include disable-devel.inc |
16 | include disable-exec.inc | 14 | include disable-exec.inc |
@@ -37,6 +35,7 @@ protocol unix | |||
37 | seccomp | 35 | seccomp |
38 | shell none | 36 | shell none |
39 | tracelog | 37 | tracelog |
38 | x11 none | ||
40 | 39 | ||
41 | # To support exiftool in private-bin on Arch Linux (and derivatives), symlink /usr/bin/vendor_perl/exiftool to /usr/bin/exiftool and uncomment the below. | 40 | # To support exiftool in private-bin on Arch Linux (and derivatives), symlink /usr/bin/vendor_perl/exiftool to /usr/bin/exiftool and uncomment the below. |
42 | # Users on non-Arch Linux distributions can safely uncomment (or put in exiftool.local) the line below to enable extra hardening. | 41 | # Users on non-Arch Linux distributions can safely uncomment (or put in exiftool.local) the line below to enable extra hardening. |
diff --git a/etc/gzip.profile b/etc/gzip.profile index 810684eae..38f6ee65e 100644 --- a/etc/gzip.profile +++ b/etc/gzip.profile | |||
@@ -7,8 +7,6 @@ include gzip.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-devel.inc | 11 | include disable-devel.inc |
14 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -36,6 +34,7 @@ protocol unix | |||
36 | seccomp | 34 | seccomp |
37 | shell none | 35 | shell none |
38 | tracelog | 36 | tracelog |
37 | x11 none | ||
39 | 38 | ||
40 | private-cache | 39 | private-cache |
41 | private-dev | 40 | private-dev |
diff --git a/etc/highlight.profile b/etc/highlight.profile index cae8e29d7..249d5cd17 100644 --- a/etc/highlight.profile +++ b/etc/highlight.profile | |||
@@ -6,8 +6,6 @@ include highlight.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | ||
10 | |||
11 | include disable-common.inc | 9 | include disable-common.inc |
12 | include disable-devel.inc | 10 | include disable-devel.inc |
13 | include disable-interpreters.inc | 11 | include disable-interpreters.inc |
@@ -30,6 +28,7 @@ protocol unix | |||
30 | seccomp | 28 | seccomp |
31 | shell none | 29 | shell none |
32 | tracelog | 30 | tracelog |
31 | x11 none | ||
33 | 32 | ||
34 | private-bin highlight | 33 | private-bin highlight |
35 | private-cache | 34 | private-cache |
diff --git a/etc/less.profile b/etc/less.profile index 720950432..e6366ad28 100644 --- a/etc/less.profile +++ b/etc/less.profile | |||
@@ -9,8 +9,6 @@ include globals.local | |||
9 | 9 | ||
10 | noblacklist ${HOME}/.lesshst | 10 | noblacklist ${HOME}/.lesshst |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | ||
13 | |||
14 | include disable-common.inc | 12 | include disable-common.inc |
15 | include disable-devel.inc | 13 | include disable-devel.inc |
16 | include disable-exec.inc | 14 | include disable-exec.inc |
@@ -36,6 +34,7 @@ protocol unix | |||
36 | seccomp | 34 | seccomp |
37 | shell none | 35 | shell none |
38 | tracelog | 36 | tracelog |
37 | x11 none | ||
39 | 38 | ||
40 | # The user can have a custom coloring script configured in ${HOME}/.lessfilter. | 39 | # The user can have a custom coloring script configured in ${HOME}/.lessfilter. |
41 | # Enable private-bin and private-lib if you are not using any filter. | 40 | # Enable private-bin and private-lib if you are not using any filter. |
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index d2681f32d..02d4a937c 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile | |||
@@ -6,8 +6,6 @@ include mediainfo.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | ||
10 | |||
11 | include disable-common.inc | 9 | include disable-common.inc |
12 | include disable-devel.inc | 10 | include disable-devel.inc |
13 | include disable-exec.inc | 11 | include disable-exec.inc |
@@ -34,6 +32,7 @@ protocol unix | |||
34 | seccomp | 32 | seccomp |
35 | shell none | 33 | shell none |
36 | tracelog | 34 | tracelog |
35 | x11 none | ||
37 | 36 | ||
38 | private-bin mediainfo | 37 | private-bin mediainfo |
39 | private-cache | 38 | private-cache |
diff --git a/etc/odt2txt.profile b/etc/odt2txt.profile index 3e1739bf9..719753c87 100644 --- a/etc/odt2txt.profile +++ b/etc/odt2txt.profile | |||
@@ -8,8 +8,6 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | ||
12 | |||
13 | include disable-common.inc | 11 | include disable-common.inc |
14 | include disable-devel.inc | 12 | include disable-devel.inc |
15 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
@@ -33,6 +31,7 @@ protocol unix | |||
33 | seccomp | 31 | seccomp |
34 | shell none | 32 | shell none |
35 | tracelog | 33 | tracelog |
34 | x11 none | ||
36 | 35 | ||
37 | private-bin odt2txt | 36 | private-bin odt2txt |
38 | private-cache | 37 | private-cache |
diff --git a/etc/patch.profile b/etc/patch.profile index 9515bffdf..60cc1adbe 100644 --- a/etc/patch.profile +++ b/etc/patch.profile | |||
@@ -34,6 +34,7 @@ novideo | |||
34 | protocol unix | 34 | protocol unix |
35 | seccomp | 35 | seccomp |
36 | shell none | 36 | shell none |
37 | x11 none | ||
37 | 38 | ||
38 | private-bin patch,red | 39 | private-bin patch,red |
39 | private-dev | 40 | private-dev |
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile index 87d7a87f1..c5016201d 100644 --- a/etc/pdftotext.profile +++ b/etc/pdftotext.profile | |||
@@ -7,8 +7,6 @@ include globals.local | |||
7 | 7 | ||
8 | noblacklist ${DOCUMENTS} | 8 | noblacklist ${DOCUMENTS} |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-devel.inc | 11 | include disable-devel.inc |
14 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
@@ -37,6 +35,7 @@ protocol unix | |||
37 | seccomp | 35 | seccomp |
38 | shell none | 36 | shell none |
39 | tracelog | 37 | tracelog |
38 | x11 none | ||
40 | 39 | ||
41 | private-bin pdftotext | 40 | private-bin pdftotext |
42 | private-dev | 41 | private-dev |
diff --git a/etc/shellcheck.profile b/etc/shellcheck.profile index b8974e416..da5b4258b 100644 --- a/etc/shellcheck.profile +++ b/etc/shellcheck.profile | |||
@@ -35,6 +35,7 @@ novideo | |||
35 | protocol unix | 35 | protocol unix |
36 | seccomp | 36 | seccomp |
37 | shell none | 37 | shell none |
38 | x11 none | ||
38 | 39 | ||
39 | private-dev | 40 | private-dev |
40 | private-tmp | 41 | private-tmp |
diff --git a/etc/strings.profile b/etc/strings.profile index ace0d9351..621e8e177 100644 --- a/etc/strings.profile +++ b/etc/strings.profile | |||
@@ -6,8 +6,6 @@ include strings.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | ||
10 | |||
11 | include disable-common.inc | 9 | include disable-common.inc |
12 | include disable-devel.inc | 10 | include disable-devel.inc |
13 | include disable-exec.inc | 11 | include disable-exec.inc |
@@ -34,6 +32,7 @@ protocol unix | |||
34 | seccomp | 32 | seccomp |
35 | shell none | 33 | shell none |
36 | tracelog | 34 | tracelog |
35 | x11 none | ||
37 | 36 | ||
38 | #private | 37 | #private |
39 | private-bin strings | 38 | private-bin strings |
diff --git a/etc/tar.profile b/etc/tar.profile index 7e1fa8b92..1232bb372 100644 --- a/etc/tar.profile +++ b/etc/tar.profile | |||
@@ -7,8 +7,6 @@ include tar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-devel.inc | 11 | include disable-devel.inc |
14 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -36,6 +34,7 @@ protocol unix | |||
36 | seccomp | 34 | seccomp |
37 | shell none | 35 | shell none |
38 | tracelog | 36 | tracelog |
37 | x11 none | ||
39 | 38 | ||
40 | # support compressed archives | 39 | # support compressed archives |
41 | private-bin bash,bzip2,compress,gtar,gzip,lbzip2,lzip,lzma,lzop,sh,tar,xz | 40 | private-bin bash,bzip2,compress,gtar,gzip,lbzip2,lzip,lzma,lzop,sh,tar,xz |
diff --git a/etc/unrar.profile b/etc/unrar.profile index a2e101a58..428173e7d 100644 --- a/etc/unrar.profile +++ b/etc/unrar.profile | |||
@@ -7,8 +7,6 @@ include unrar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-devel.inc | 11 | include disable-devel.inc |
14 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -35,6 +33,7 @@ protocol unix | |||
35 | seccomp | 33 | seccomp |
36 | shell none | 34 | shell none |
37 | tracelog | 35 | tracelog |
36 | x11 none | ||
38 | 37 | ||
39 | private-bin unrar | 38 | private-bin unrar |
40 | private-dev | 39 | private-dev |
diff --git a/etc/unzip.profile b/etc/unzip.profile index 875fa6f98..94aee724d 100644 --- a/etc/unzip.profile +++ b/etc/unzip.profile | |||
@@ -10,8 +10,6 @@ include globals.local | |||
10 | # GNOME Shell integration (chrome-gnome-shell) | 10 | # GNOME Shell integration (chrome-gnome-shell) |
11 | noblacklist ${HOME}/.local/share/gnome-shell | 11 | noblacklist ${HOME}/.local/share/gnome-shell |
12 | 12 | ||
13 | blacklist /tmp/.X11-unix | ||
14 | |||
15 | include disable-common.inc | 13 | include disable-common.inc |
16 | include disable-devel.inc | 14 | include disable-devel.inc |
17 | include disable-exec.inc | 15 | include disable-exec.inc |
@@ -38,6 +36,7 @@ protocol unix | |||
38 | seccomp | 36 | seccomp |
39 | shell none | 37 | shell none |
40 | tracelog | 38 | tracelog |
39 | x11 none | ||
41 | 40 | ||
42 | private-bin unzip | 41 | private-bin unzip |
43 | private-cache | 42 | private-cache |
diff --git a/etc/uudeview.profile b/etc/uudeview.profile index 53fad0ba5..af6cd620f 100644 --- a/etc/uudeview.profile +++ b/etc/uudeview.profile | |||
@@ -32,6 +32,7 @@ protocol unix | |||
32 | seccomp | 32 | seccomp |
33 | shell none | 33 | shell none |
34 | tracelog | 34 | tracelog |
35 | x11 none | ||
35 | 36 | ||
36 | private-bin uudeview | 37 | private-bin uudeview |
37 | private-cache | 38 | private-cache |
diff --git a/etc/xzdec.profile b/etc/xzdec.profile index 3adaa557c..93c288d6e 100644 --- a/etc/xzdec.profile +++ b/etc/xzdec.profile | |||
@@ -7,8 +7,6 @@ include xzdec.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | |||
12 | include disable-common.inc | 10 | include disable-common.inc |
13 | include disable-devel.inc | 11 | include disable-devel.inc |
14 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -34,5 +32,6 @@ protocol unix | |||
34 | seccomp | 32 | seccomp |
35 | shell none | 33 | shell none |
36 | tracelog | 34 | tracelog |
35 | x11 none | ||
37 | 36 | ||
38 | private-dev | 37 | private-dev |