From 17b7a99c6854bc9fdb5edbcfbb4ad2c4d493eebb Mon Sep 17 00:00:00 2001
From: glitsj16
Date: Sun, 24 Feb 2019 21:11:55 +0000
Subject: Harden enchant.profile (#2455)
---
 etc/enchant.profile | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
(limited to 'etc/enchant.profile')
diff --git a/etc/enchant.profile b/etc/enchant.profile
index 1d3d33d68..f2d9d2ee9 100644
--- a/etc/enchant.profile
+++ b/etc/enchant.profile
@@ -15,8 +15,11 @@ include disable-passwdmgr.inc
 include disable-programs.inc
 include disable-xdg.inc
+apparmor
 caps.drop all
-netfilter
+ipc-namespace
+machine-id
+net none
 no3d
 nodbus
 nodvd
@@ -32,12 +35,13 @@ seccomp
 shell none
 tracelog
-# private-bin enchant, enchant-*
+private-bin enchant, enchant-*
 private-cache
 private-dev
 private-etc alternatives
+private-lib
 private-tmp
-# memory-deny-write-execute
+memory-deny-write-execute
 noexec ${HOME}
 noexec /tmp
--
cgit v1.2.3-70-g09d2
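Review bot: The `apparmor` line added in the first hunk only confines the process on systems where firejail was built with AppArmor support and its default AppArmor profile is loaded, so this part of the hardening is not uniform across installations. A one-line comment above it, for example `# apparmor: effective only when firejail's AppArmor profile is loaded`, would make that dependency visible to packagers. The same hunk replaces `netfilter` with `net none`, which removes networking from the sandbox entirely. That looks right for a spell checker, but neither the profile nor the commit message records that it was tested.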
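Review bot: In the second hunk `private-bin enchant, enchant-*` and `memory-deny-write-execute` go from commented-out to active and a bare `private-lib` is added, but nothing says why the two disabled options are now safe or what was tested. A bare `private-lib` leaves firejail to work out the library set from the listed binaries. If enchant loads its spelling back ends as plugins at run time, which I believe it does, they may be missing from the private lib directory and spell checking could fail inside the sandbox. I would verify a real spell-check run under this profile and, if back ends are missing, name the directory explicitly as `private-lib <enchant-provider-dir>` (placeholder, not a path taken from this page). A short comment such as `# private-lib: verify enchant back ends still load` would keep the caveat with the profile.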