From 3c3602fe4e747f3489c917f4de991c9043df9751 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Sat, 16 Sep 2017 14:11:43 -0400
Subject: Harden 25 profiles

---
 etc/tor.profile | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'etc/tor.profile')

diff --git a/etc/tor.profile b/etc/tor.profile
index 73577825a..fcb123eef 100644
--- a/etc/tor.profile
+++ b/etc/tor.profile
@@ -23,16 +23,25 @@ include /etc/firejail/disable-programs.inc
 
 caps.keep setuid,setgid,net_bind_service,dac_read_search
 ipc-namespace
+netfilter
 no3d
+nodvd
 nogroups
 nonewprivs
 nosound
+notv
+novideo
+protocol unix,inet,inet6
 seccomp
 shell none
 writable-var
 
+disable-mnt
 private
 private-bin tor,bash
 private-dev
 private-etc tor,passwd
 private-tmp
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-54-g00ecf