From f12c7af205ddd6c0d75587702f01688dc62a86c5 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Tue, 22 Aug 2017 01:54:31 +0200
Subject: various profile fixes

---
 etc/xviewer.profile | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'etc/xviewer.profile')

diff --git a/etc/xviewer.profile b/etc/xviewer.profile
index 70ad3b895..b9ff3948a 100644
--- a/etc/xviewer.profile
+++ b/etc/xviewer.profile
@@ -16,12 +16,15 @@ include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
 caps.drop all
+# net none - makes settings immutable
+no3d
 nodvd
 nogroups
 nonewprivs
 noroot
 nosound
 notv
+novideo
 protocol unix
 seccomp
 shell none
@@ -29,7 +32,9 @@ tracelog
 
 private-bin xviewer
 private-dev
+private-etc fonts
 private-tmp
 
+memory-deny-write-execute
 noexec ${HOME}
 noexec /tmp
-- 
cgit v1.2.3-70-g09d2