From 591347192c0b2e0fb89869ce88043a03b7f2ac73 Mon Sep 17 00:00:00 2001
From: glitsj16
Date: Mon, 25 Feb 2019 00:40:00 +0000
Subject: Harden gpicview.profile (#2470)
---
 etc/gpicview.profile | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
(limited to 'etc')
diff --git a/etc/gpicview.profile b/etc/gpicview.profile
index af9680b49..2d369fbd8 100644
--- a/etc/gpicview.profile
+++ b/etc/gpicview.profile
@@ -14,9 +14,10 @@
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
-include whitelist-var-common.inc
-
+apparmor
 caps.drop all
+ipc-namespace
+machine-id
 net none
 nodbus
 nodvd
@@ -33,7 +34,12 @@
 shell none
 tracelog
 private-bin gpicview
+private-cache
 private-dev
-private-etc alternatives,fonts
+private-etc alternatives,fonts,groups,passwd
 private-lib
 private-tmp
+
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-70-g09d2
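Review bot: The first hunk drops `include whitelist-var-common.inc` in a commit titled as hardening, and neither the description nor the profile says why. That include is what narrows the sandbox's view of /var to the commonly needed paths, so removing it appears to widen filesystem exposure even while `apparmor`, `ipc-namespace` and `machine-id` are added. If the removal is a compatibility workaround, record it in the profile with a comment such as `# whitelist-var-common.inc removed: <reason>`; otherwise keep the include. The blank separator line is removed as well, so `apparmor` now follows `include disable-programs.inc` directly; keeping the empty line would leave includes and options visually apart.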
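Review bot: `groups` in the new `private-etc alternatives,fonts,groups,passwd` line of the second hunk looks like a typo, because the group database is `/etc/group` and `/etc/groups` is not a standard file. As written the entry presumably matches nothing, so the private /etc would carry `passwd` without its matching group file. The line should probably read `private-etc alternatives,fonts,group,passwd`. A short comment on why an image viewer running with `net none` needs the account files at all would also help, since every extra entry widens what the sandboxed process can read.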