From 3c3602fe4e747f3489c917f4de991c9043df9751 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sat, 16 Sep 2017 14:11:43 -0400
Subject: Harden 25 profiles

---
 etc/mpd.profile | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'etc/mpd.profile')

diff --git a/etc/mpd.profile b/etc/mpd.profile
index ebcdca443..601861083 100644
--- a/etc/mpd.profile
+++ b/etc/mpd.profile
@@ -14,8 +14,21 @@ include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
 caps.drop all
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
 noroot
+notv
+novideo
+protocol unix,inet,inet6
 seccomp
+shell none
 
 #private-bin mpd,bash
 private-dev
+private-tmp
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-54-g00ecf