From 971f3f6b811f81a41df8bcddc58c834ae7f18808 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Wed, 29 Jan 2020 08:36:07 +0000
Subject: updates for zathura.profile (#3193)

* move mkdir in zathura.profile

* harden zathura.profile

* fix private-lib in zathura.profile
---
 etc/zathura.profile | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'etc/zathura.profile')

diff --git a/etc/zathura.profile b/etc/zathura.profile
index 7b0109a90..41258a24d 100644
--- a/etc/zathura.profile
+++ b/etc/zathura.profile
@@ -18,10 +18,17 @@ include disable-passwdmgr.inc
 include disable-programs.inc
 include disable-xdg.inc
 
+mkdir ${HOME}/.config/zathura
+mkdir ${HOME}/.local/share/zathura
+whitelist /usr/share/zathura
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
 caps.drop all
+ipc-namespace
 machine-id
-# net none
-# nodbus
+net none
+nodbus
 nodvd
 nogroups
 nonewprivs
@@ -39,10 +46,9 @@ private-bin zathura
 private-cache
 private-dev
 private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id
+private-lib libarchive.so.*,libdjvulibre.so.*,libgirara-gtk*,libpoppler-glib.so.*,libspectre.so.*,libstdc++.so.*,zathura
 private-tmp
 
-mkdir ${HOME}/.config/zathura
-mkdir ${HOME}/.local/share/zathura
 read-only ${HOME}
 read-write ${HOME}/.config/zathura
 read-write ${HOME}/.local/share/zathura
-- 
cgit v1.2.3-70-g09d2