From 50e3096b3c1c50bc9a040be3dab1374c146cc7ac Mon Sep 17 00:00:00 2001
From: Fred Barclay <Fred-Barclay@users.noreply.github.com>
Date: Tue, 25 Apr 2017 22:23:16 -0500
Subject: Added noexec for home and tmp, spotify profile.

This might break special cases when an addon (like blockify) is installed in home. We'll need to keep an eye on this.
---
 etc/spotify.profile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/spotify.profile b/etc/spotify.profile
index 8261fe0fb..bfc074c28 100644
--- a/etc/spotify.profile
+++ b/etc/spotify.profile
@@ -28,6 +28,9 @@ protocol unix,inet,inet6,netlink
 seccomp
 shell none
 
+noexec ${HOME}
+noexec /tmp
+
 private-bin spotify,bash,sh
 private-etc fonts,machine-id,pulse,resolv.conf
 private-dev
-- 
cgit v1.2.3-54-g00ecf