From 9fbb31e1f4f26d660ba4ef23bb5862c1ca4182a0 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Tue, 12 Mar 2019 07:20:24 +0000
Subject: Harden gucharmap (#2566)

---
 etc/gucharmap.profile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'etc/gucharmap.profile')

diff --git a/etc/gucharmap.profile b/etc/gucharmap.profile
index b1bd59307..5769bd1eb 100644
--- a/etc/gucharmap.profile
+++ b/etc/gucharmap.profile
@@ -20,7 +20,7 @@ include whitelist-var-common.inc
 apparmor
 caps.drop all
 machine-id
-net none
+#net none - breaks dbus
 no3d
 nodvd
 nogroups
@@ -35,8 +35,12 @@ seccomp
 shell none
 
 disable-mnt
+private-bin gucharmap
 private-cache
 private-dev
+private-etc alternatives,fonts
+private-home .config,.icons,.themes
+private-lib
 private-tmp
 
 memory-deny-write-execute
-- 
cgit v1.2.3-70-g09d2