From b5f29f9c216615c39e6fe00508ea18a52a2fe88a Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sun, 16 Apr 2017 07:14:01 -0400
Subject: Harden 9 more profiles

---
 etc/ssh.profile | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'etc/ssh.profile')

diff --git a/etc/ssh.profile b/etc/ssh.profile
index b1ef6b27e..425841399 100644
--- a/etc/ssh.profile
+++ b/etc/ssh.profile
@@ -14,7 +14,18 @@ include /etc/firejail/disable-passwdmgr.inc
 
 caps.drop all
 netfilter
+no3d
+nogroups
 nonewprivs
 noroot
+nosound
 protocol unix,inet,inet6
 seccomp
+shell none
+tracelog
+
+private-dev
+#private-tmp #Breaks when exiting
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-54-g00ecf