From e8a5e0d3302547c40df2eb7b40a746f5ced3c10e Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 18 Jan 2020 11:03:32 +0000 Subject: refactor claws-mail and sylpheed as whitelist profiles (#3162) * refactor claws-mail as whitelist profile * refactor sylpheed as whitelist profile * Create email-common.profile * safeguard ${DOCUMENTS} * Add disable-xdg to email-common.profile Thanks @rusty-snake for the review. --- etc/claws-mail.profile | 43 ++++--------------------------------------- 1 file changed, 4 insertions(+), 39 deletions(-) (limited to 'etc/claws-mail.profile') diff --git a/etc/claws-mail.profile b/etc/claws-mail.profile index 44124f4a3..a1c44c91d 100644 --- a/etc/claws-mail.profile +++ b/etc/claws-mail.profile @@ -7,46 +7,11 @@ include claws-mail.local include globals.local noblacklist ${HOME}/.claws-mail -noblacklist ${HOME}/.gnupg -noblacklist ${HOME}/.signature -# when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your claws-mail.local -# and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications -noblacklist ${HOME}/Mail -noblacklist ${DOCUMENTS} -include disable-common.inc -include disable-devel.inc -include disable-exec.inc -include disable-interpreters.inc -include disable-passwdmgr.inc -include disable-programs.inc -include disable-xdg.inc +mkdir ${HOME}/.claws-mail +whitelist ${HOME}/.claws-mail whitelist /usr/share/doc/claws-mail -whitelist /usr/share/gnupg -whitelist /usr/share/gnupg2 -include whitelist-usr-share-common.inc -caps.drop all -netfilter -no3d -nodvd -nogroups -nonewprivs -noroot -nosound -notv -nou2f -novideo -protocol unix,inet,inet6 -seccomp -shell none - -private-cache -private-dev -private-tmp - -# If you want to read local mail stored in /var/mail, add the following to claws-mail.local: -# noblacklist /var/mail -# noblacklist /var/spool/mail -# writable-var +# Redirect +include email-common.profile \ No newline at end of file -- cgit v1.2.3-70-g09d2