From 4f238b75de05d91f200305335da1f019810ac149 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 17 Apr 2017 17:11:24 -0400
Subject: Harden more profiles

---
 etc/polari.profile | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'etc/polari.profile')

diff --git a/etc/polari.profile b/etc/polari.profile
index 834a8b3d6..db5fc9487 100644
--- a/etc/polari.profile
+++ b/etc/polari.profile
@@ -23,7 +23,18 @@ include /etc/firejail/whitelist-common.inc
 
 caps.drop all
 netfilter
+no3d
+nogroups
 nonewprivs
 noroot
+nosound
 protocol unix,inet,inet6
 seccomp
+shell none
+tracelog
+
+private-dev
+private-tmp
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-54-g00ecf