From 69f96012837d02a3e91c70c77484d935c7a4aabf Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 15 Mar 2021 14:20:25 -0400
Subject: Harden PPSSPP and add a PPSSPPSDL alias

---
 etc/profile-m-z/ppsspp.profile | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'etc/profile-m-z/ppsspp.profile')

diff --git a/etc/profile-m-z/ppsspp.profile b/etc/profile-m-z/ppsspp.profile
index c71553bcd..af6b0ac2a 100644
--- a/etc/profile-m-z/ppsspp.profile
+++ b/etc/profile-m-z/ppsspp.profile
@@ -7,7 +7,6 @@ include ppsspp.local
 include globals.local
 
 noblacklist ${HOME}/.config/ppsspp
-noblacklist ${DOCUMENTS}
 
 include disable-common.inc
 include disable-devel.inc
@@ -15,8 +14,15 @@ include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
+include disable-write-mnt.inc
 include disable-xdg.inc
 
+#mkdir ${HOME}/.config/ppsspp
+#whitelist ${HOME}/.config/ppsspp
+whitelist /usr/share/ppsspp
+#include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
 include whitelist-var-common.inc
 
 caps.drop all
@@ -27,11 +33,13 @@ nogroups
 nonewprivs
 noroot
 notv
+nou2f
 novideo
 protocol unix,netlink
 seccomp
 shell none
 
+private-bin ppsspp,PPSSPP,PPSSPPQt,PPSSPPSDL
 # uncomment the following line if you do not need controller support
 #private-dev
 private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl
-- 
cgit v1.2.3-70-g09d2