From 463ebe8b0b5ca47fea59f370fb8c1e7a7a0c8482 Mon Sep 17 00:00:00 2001
From: Fred-Barclay <Fred-Barclay@users.noreply.github.com>
Date: Sun, 24 Sep 2017 14:01:30 -0500
Subject: tighten mate-calc profile

---
 etc/mate-calc.profile | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'etc/mate-calc.profile')

diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile
index caf3095a5..c59b2dcc7 100644
--- a/etc/mate-calc.profile
+++ b/etc/mate-calc.profile
@@ -12,8 +12,15 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
+whitelist ${HOME}/.cache/mate-calc
+whitelist ${HOME}/.config/caja
+whitelist ${HOME}/.config/gtk-3.0
+whitelist ${HOME}/.config/dconf
+whitelist ${HOME}./config/mate-menu
+whitelist ${HOME}/.themes
+
 caps.drop all
-netfilter
+net none
 no3d
 nodvd
 nogroups
@@ -27,8 +34,12 @@ seccomp
 shell none
 
 disable-mnt
+private-bin mate-calc,mate-calculator
+private-etc fonts
 private-dev
+private-opt none
 private-tmp
 
+memory-deny-write-execute
 noexec ${HOME}
 noexec /tmp
-- 
cgit v1.2.3-70-g09d2