From 2f3419a1f79536b453dc0e33b2a1bbe908a299a2 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sun, 18 Mar 2018 02:03:32 +0100
Subject: harden konversation and kwrite, minor fixes

---
 etc/gwenview.profile     | 2 +-
 etc/kate.profile         | 2 +-
 etc/kdenlive.profile     | 2 +-
 etc/konversation.profile | 2 ++
 etc/kwrite.profile       | 2 +-
 5 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/etc/gwenview.profile b/etc/gwenview.profile
index 58e059087..d79b72152 100644
--- a/etc/gwenview.profile
+++ b/etc/gwenview.profile
@@ -39,7 +39,7 @@ tracelog
 
 private-bin gwenview,gimp*,kbuildsycoca4,kdeinit4
 private-dev
-private-etc fonts,gimp,gtk-2.0,kde4rc,kde5rc,ld.so.cache,machine-id,xdg
+private-etc fonts,gimp,gtk-2.0,kde4rc,kde5rc,ld.so.cache,machine-id,pulse,xdg
 
 # memory-deny-write-execute
 noexec ${HOME}
diff --git a/etc/kate.profile b/etc/kate.profile
index 43f38d7e6..a3d2be6b2 100644
--- a/etc/kate.profile
+++ b/etc/kate.profile
@@ -37,7 +37,7 @@ seccomp
 shell none
 tracelog
 
-# private-bin kate
+# private-bin kate,kbuildsycoca4,kdeinit4
 private-dev
 # private-etc fonts,kde4rc,kde5rc,ld.so.cache,machine-id,xdg
 private-tmp
diff --git a/etc/kdenlive.profile b/etc/kdenlive.profile
index 424ad767e..5c770856a 100644
--- a/etc/kdenlive.profile
+++ b/etc/kdenlive.profile
@@ -29,7 +29,7 @@ shell none
 
 private-bin kdenlive,kdenlive_render,dbus-launch,melt,ffmpeg,ffplay,ffprobe,dvdauthor,genisoimage,vlc,xine,kdeinit5,kshell5,kdeinit5_shutdown,kdeinit5_wrapper,kdeinit4,kshell4,kdeinit4_shutdown,kdeinit4_wrapper
 private-dev
-# private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,machine-id,passwd,xdg,X11
+# private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,machine-id,passwd,pulse,xdg,X11
 
 # noexec ${HOME}
 noexec /tmp
diff --git a/etc/konversation.profile b/etc/konversation.profile
index db91940e2..356d2f314 100644
--- a/etc/konversation.profile
+++ b/etc/konversation.profile
@@ -26,8 +26,10 @@ notv
 novideo
 protocol unix,inet,inet6
 seccomp
+shell none
 tracelog
 
+private-bin konversation,kbuildsycoca4
 private-dev
 private-tmp
 
diff --git a/etc/kwrite.profile b/etc/kwrite.profile
index 6e8e33cb3..a785f3541 100644
--- a/etc/kwrite.profile
+++ b/etc/kwrite.profile
@@ -40,7 +40,7 @@ tracelog
 
 private-bin kwrite,kbuildsycoca4,kdeinit4
 private-dev
-# private-etc fonts,kde4rc,kde5rc,ld.so.cache,machine-id,xdg
+private-etc fonts,kde4rc,kde5rc,ld.so.cache,machine-id,pulse,xdg
 private-tmp
 
 join-or-start kwrite
-- 
cgit v1.2.3-70-g09d2