From f8542819ea5cfba205cc5bf5e99f59c0c12745bb Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Sat, 8 Feb 2020 00:01:09 +0000
Subject: harden gpg-agent.profile

---
 etc/gpg-agent.profile | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'etc/gpg-agent.profile')

diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile
index 2710ac88e..16bda186e 100644
--- a/etc/gpg-agent.profile
+++ b/etc/gpg-agent.profile
@@ -17,12 +17,18 @@ include disable-devel.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
+include disable-xdg.inc
 
+mkdir ${HOME}/.gnupg
+whitelist ${HOME}/.gnupg
 whitelist /usr/share/gnupg
 whitelist /usr/share/gnupg2
+include whitelist-common.inc
 include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
 
 caps.drop all
+machine-id
 netfilter
 no3d
 nodvd
-- 
cgit v1.2.3-70-g09d2