From 4bb5f58ae402cc2c03aeea538c15e509b1744c2f Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Thu, 2 Jan 2020 20:58:56 +0000
Subject: Additional hardening for whois

---
 etc/whois.profile | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'etc')

diff --git a/etc/whois.profile b/etc/whois.profile
index b993264a5..bd0870bea 100644
--- a/etc/whois.profile
+++ b/etc/whois.profile
@@ -7,19 +7,23 @@ include whois.local
 # Persistent global definitions
 include globals.local
 
+blacklist /tmp/.X11-unix
+
 include disable-common.inc
-# include disable-devel.inc
+include disable-devel.inc
 include disable-exec.inc
-# include disable-interpreters.inc
+include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
-#include disable-xdg.inc
+include disable-xdg.inc
 
 include whitelist-usr-share-common.inc
 include whitelist-var-common.inc
 
 caps.drop all
-# ipc-namespace
+hostname whois
+ipc-namespace
+machine-id
 netfilter
 no3d
 nodbus
@@ -41,7 +45,7 @@ private
 private-bin bash,sh,whois
 private-cache
 private-dev
-# private-etc alternatives,hosts,services,whois.conf
+private-etc alternatives,hosts,jwhois.conf,services,whois.conf
 private-lib
 private-tmp
 
-- 
cgit v1.2.3-54-g00ecf