From 0e31d0203569604998d8b640901773b19ada2d98 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@protonmail.com>
Date: Tue, 23 Feb 2021 07:57:02 -0500
Subject: hardening ssh, tor

---
 etc/profile-m-z/torbrowser-launcher.profile | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'etc/profile-m-z/torbrowser-launcher.profile')

diff --git a/etc/profile-m-z/torbrowser-launcher.profile b/etc/profile-m-z/torbrowser-launcher.profile
index 1045fa02a..8b1ed1645 100644
--- a/etc/profile-m-z/torbrowser-launcher.profile
+++ b/etc/profile-m-z/torbrowser-launcher.profile
@@ -15,6 +15,9 @@ noblacklist ${HOME}/.local/share/torbrowser
 include allow-python2.inc
 include allow-python3.inc
 
+blacklist /opt
+blacklist /srv
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
@@ -30,6 +33,8 @@ whitelist ${HOME}/.config/torbrowser
 whitelist ${HOME}/.local/share/torbrowser
 include whitelist-common.inc
 include whitelist-var-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
 
 # Uncomment the line below or put 'apparmor' in your torbrowser-launcher.local.
 # IMPORTANT: the relevant rule in /etc/apparmor.d/local/firejail-default will need
-- 
cgit v1.2.3-70-g09d2