From 947337b257612a0291f883149f1e001ccf26112b Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Sat, 13 Apr 2019 12:23:22 +0200
Subject: More disable-exec and hardening

---
 etc/etr.profile | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'etc/etr.profile')

diff --git a/etc/etr.profile b/etc/etr.profile
index cf13a42de..d93d3de63 100644
--- a/etc/etr.profile
+++ b/etc/etr.profile
@@ -8,14 +8,18 @@ include globals.local
 noblacklist ${HOME}/.etr
 
 include disable-common.inc
+include disable-exec.inc
+include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
+include disable-xdg.inc
 
 mkdir ${HOME}/.etr
 whitelist ${HOME}/.etr
 include whitelist-common.inc
 include whitelist-var-common.inc
 
+apparmor
 caps.drop all
 net none
 nodbus
@@ -28,8 +32,11 @@ nou2f
 protocol unix,netlink
 seccomp
 shell none
+tracelog
 
-# private-bin etr
+disable-mnt
+private-bin etr
+private-cache
 private-dev
-# private-etc alternatives
+# private-etc alternatives,drirc,machine-id,openal
 private-tmp
-- 
cgit v1.2.3-70-g09d2