From f12c7af205ddd6c0d75587702f01688dc62a86c5 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Tue, 22 Aug 2017 01:54:31 +0200
Subject: various profile fixes

---
 etc/xreader.profile | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'etc/xreader.profile')

diff --git a/etc/xreader.profile b/etc/xreader.profile
index 107cefe5e..615256102 100644
--- a/etc/xreader.profile
+++ b/etc/xreader.profile
@@ -15,17 +15,25 @@ include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
 caps.drop all
+no3d
 nodvd
 nogroups
 nonewprivs
 noroot
 nosound
 notv
+novideo
 protocol unix
 seccomp
 shell none
 tracelog
 
-private-bin xreader, xreader-previewer, xreader-thumbnailer
+private-bin xreader,xreader-previewer,xreader-thumbnailer
 private-dev
-private-tmp
+private-etc fonts
+# xreader needs access to /tmp/mozilla* to work in firefox
+# private-tmp
+
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-70-g09d2