diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/sqlitebrowser.profile | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/etc/sqlitebrowser.profile b/etc/sqlitebrowser.profile index 6bdd437cd..8122079e1 100644 --- a/etc/sqlitebrowser.profile +++ b/etc/sqlitebrowser.profile | |||
@@ -18,10 +18,11 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | include whitelist-var-common.inc | 19 | include whitelist-var-common.inc |
20 | 20 | ||
21 | apparmor | ||
21 | caps.drop all | 22 | caps.drop all |
22 | net none | 23 | ipc-namespace |
23 | no3d | 24 | netfilter |
24 | nodbus | 25 | # nodbus - breaks proxy creation |
25 | nodvd | 26 | nodvd |
26 | nogroups | 27 | nogroups |
27 | nonewprivs | 28 | nonewprivs |
@@ -30,15 +31,16 @@ nosound | |||
30 | notv | 31 | notv |
31 | nou2f | 32 | nou2f |
32 | novideo | 33 | novideo |
33 | protocol unix | 34 | protocol unix,inet,inet6,netlink |
34 | seccomp | 35 | seccomp |
35 | shell none | 36 | shell none |
36 | 37 | ||
37 | private-bin sqlitebrowser | 38 | private-bin sqlitebrowser |
38 | private-cache | 39 | private-cache |
39 | private-dev | 40 | private-dev |
41 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,machine-id,passwd,pki,ssl | ||
40 | private-tmp | 42 | private-tmp |
41 | 43 | ||
42 | # memory-deny-write-execute - breaks on Arch | 44 | memory-deny-write-execute |
43 | noexec ${HOME} | 45 | noexec ${HOME} |
44 | noexec /tmp | 46 | noexec /tmp |