From 3e1ffebfe3e36dee772649a5eaf81bdb695a5ce9 Mon Sep 17 00:00:00 2001 From: Fred-Barclay Date: Sun, 17 Feb 2019 15:14:04 -0600 Subject: Fixes from review of 2415 --- etc/display.profile | 3 ++- etc/firefox.profile | 2 +- etc/ping.profile | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/etc/display.profile b/etc/display.profile index 7e4263d2e..ff19365ad 100644 --- a/etc/display.profile +++ b/etc/display.profile @@ -39,5 +39,6 @@ shell none private-bin display,python* private-dev -# private-etc alternatives - on Debian-based systems display is a symlink in /etc/alternatives +# On Debian-based systems, display is a symlink in /etc/alternatives +private-etc alternatives private-tmp diff --git a/etc/firefox.profile b/etc/firefox.profile index 2861a91b4..830bbc6a7 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile @@ -17,7 +17,7 @@ whitelist ${HOME}/.mozilla # firefox requires a shell to launch on Arch. #private-bin firefox,which,sh,dbus-launch,dbus-send,env,bash # private-etc must first be enabled in firefox-common.profile -#private-etc alternatives,firefox +#private-etc firefox # Redirect include firefox-common.profile diff --git a/etc/ping.profile b/etc/ping.profile index 373b8a918..bdd29c1a1 100644 --- a/etc/ping.profile +++ b/etc/ping.profile @@ -41,7 +41,7 @@ private #private-bin has mammoth problems with execvp: "No such file or directory" private-dev # /etc/hosts is required in private-etc; however, just adding it to the list doesn't solve the problem! -#private-etc alternatives,resolv.conf,hosts,ca-certificates,ssl,pki,crypto-policies +#private-etc resolv.conf,hosts,ca-certificates,ssl,pki,crypto-policies private-tmp # memory-deny-write-execute is built using seccomp; nonewprivs will kill it -- cgit v1.2.3-70-g09d2