From b7d51c2df6fb62d7830bdd3a873fff618adb00dc Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sat, 15 Apr 2017 16:07:25 -0400
Subject: Harden 19 more profiles

---
 etc/evince.profile | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'etc/evince.profile')

diff --git a/etc/evince.profile b/etc/evince.profile
index 94cefdd8b..ae50425b9 100644
--- a/etc/evince.profile
+++ b/etc/evince.profile
@@ -13,6 +13,7 @@ include /etc/firejail/disable-passwdmgr.inc
 caps.drop all
 netfilter
 #net none - creates some problems on some distributions
+no3d
 nogroups
 nonewprivs
 noroot
@@ -27,3 +28,6 @@ private-dev
 private-etc fonts
 # evince needs access to /tmp/mozilla* to work in firefox
 # private-tmp
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-70-g09d2