From d4d176470a1c0e9ad2a65428318f78f7c2609332 Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Wed, 13 Mar 2019 13:08:53 +0100
Subject: Harden Minetest

---
 etc/minetest.profile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/etc/minetest.profile b/etc/minetest.profile
index aa50847ea..b3e692446 100644
--- a/etc/minetest.profile
+++ b/etc/minetest.profile
@@ -10,9 +10,11 @@ noblacklist ${HOME}/.minetest
 
 include disable-common.inc
 include disable-devel.inc
+include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
+include disable-xdg.inc
 
 mkdir ${HOME}/.minetest
 whitelist ${HOME}/.minetest
@@ -33,13 +35,12 @@ novideo
 protocol unix,inet,inet6
 seccomp
 shell none
+tracelog
 
 disable-mnt
 private-bin minetest
+private-cache
 private-dev
 # private-etc needs to be updated, see #1702
 #private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies,machine-id
 private-tmp
-
-noexec ${HOME}
-noexec /tmp
-- 
cgit v1.2.3-54-g00ecf