From a6acf8761b02272c56014477bfceba3dfe2fff84 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Wed, 20 Jun 2018 18:23:54 -0400
Subject: disable flatpak directories

---
 etc/disable-common.inc | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 71d4ad97b..56121809a 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -383,3 +383,12 @@ blacklist /vmlinuz*
 
 # complement noexec ${HOME} and noexec /tmp
 noexec /tmp/.X11-unix
+
+# flatpak
+blacklist ${HOME}/*.config/flatpak
+blacklist ${HOME}/*.var
+blacklist ${HOME}/*.local/share/flatpak
+blacklist /var/lib/flatpak
+blacklist /usr/share/flatpak
+# most of the time bwrap is SUID binary
+blacklist /usr/bin/bwrap
\ No newline at end of file
-- 
cgit v1.2.3-70-g09d2