From a06b9c5d74d79759d4f453cb625379019aca6d91 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Thu, 21 Feb 2019 21:21:00 +0000
Subject: Harden gnome-recipes.profile (#2444)

---
 etc/gnome-recipes.profile | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/etc/gnome-recipes.profile b/etc/gnome-recipes.profile
index e516566d7..fc0bcabdc 100644
--- a/etc/gnome-recipes.profile
+++ b/etc/gnome-recipes.profile
@@ -22,6 +22,7 @@ include whitelist-var-common.inc
 
 caps.drop all
 ipc-namespace
+machine-id
 netfilter
 nodvd
 nogroups
@@ -39,9 +40,7 @@ disable-mnt
 private-bin gnome-recipes,tar
 private-dev
 private-etc alternatives,ca-certificates,fonts,ssl,crypto-policies,pki
-# private-lib works for me with Gnome Shell 3.26.2, Mutter WM (Arch Linux)
-# not widely tested though, leaving it to devs discretion to enable it later
-#private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.4,libgnutls.so.30,libjpeg.so.8,libp11-kit.so.0,libproxy.so.1,librsvg-2.so.2
+private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,libgnutls.so.*,libjpeg.so.*,libp11-kit.so.*,libproxy.so.*,librsvg-2.so.*
 private-tmp
 
 noexec ${HOME}
-- 
cgit v1.2.3-70-g09d2