From c63b54b60a8c88d8b198f1c424156aa69a701d45 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Mon, 25 Feb 2019 00:35:38 +0000
Subject: Harden eog.profile (#2469)

---
 etc/eog.profile | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'etc/eog.profile')

diff --git a/etc/eog.profile b/etc/eog.profile
index d448b7c6c..333eb448a 100644
--- a/etc/eog.profile
+++ b/etc/eog.profile
@@ -17,11 +17,11 @@ include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
 
-include whitelist-var-common.inc
-
-# apparmor - makes settings immutable
+apparmor
 caps.drop all
-# net none - makes settings immutable
+ipc-namespace
+machine-id
+net none
 no3d
 # nodbus - makes settings immutable
 nodvd
@@ -40,9 +40,9 @@ private-bin eog
 private-cache
 private-dev
 private-etc alternatives,fonts
-private-lib gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.*
+private-lib eog,gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.*
 private-tmp
 
-#memory-deny-write-execute  - breaks on Arch
+memory-deny-write-execute
 noexec ${HOME}
 noexec /tmp
-- 
cgit v1.2.3-54-g00ecf