From 871dfe351fd8cf19c8c7f330187c994b911ec995 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Tue, 31 Oct 2017 02:24:39 +0100
Subject: harden kde

and whitelist kioslaverc because we don't know if kdeinit
will run outside or inside the sandbox.
---
 etc/kate.profile | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'etc/kate.profile')

diff --git a/etc/kate.profile b/etc/kate.profile
index 69100d49d..85a98d67f 100644
--- a/etc/kate.profile
+++ b/etc/kate.profile
@@ -5,6 +5,8 @@ include /etc/firejail/kate.local
 # Persistent global definitions
 include /etc/firejail/globals.local
 
+# blacklist /run/user/*/bus
+
 noblacklist ~/.config/katepartrc
 noblacklist ~/.config/katerc
 noblacklist ~/.config/kateschemarc
@@ -20,6 +22,7 @@ include /etc/firejail/disable-programs.inc
 include /etc/firejail/whitelist-var-common.inc
 
 caps.drop all
+# net none
 netfilter
 nodvd
 nogroups
-- 
cgit v1.2.3-70-g09d2