From b9c8a94590985666cf1b2187565024fed364aba6 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 12 Apr 2019 11:53:09 -0400 Subject: adding disable-exec.inc to the remaining profiles --- etc/Fritzing.profile | 3 +-- etc/JDownloader.profile | 3 +-- etc/QMediathekView.profile | 3 +-- etc/QOwnNotes.profile | 3 +-- etc/Viber.profile | 3 +-- etc/XMind.profile | 3 +-- etc/akregator.profile | 3 +-- etc/amule.profile | 3 +-- etc/apktool.profile | 4 +--- etc/archaudit-report.profile | 3 +-- etc/ardour5.profile | 3 +-- etc/arduino.profile | 3 +-- etc/aria2c.profile | 3 +-- etc/arm.profile | 3 +-- etc/atom.profile | 4 +--- etc/baobab.profile | 3 +-- etc/bitcoin-qt.profile | 3 +-- etc/bleachbit.profile | 3 +-- etc/blender.profile | 3 +-- etc/bless.profile | 3 +-- etc/bluefish.profile | 3 +-- etc/brasero.profile | 3 +-- etc/cin.profile | 3 +-- etc/conky.profile | 3 +-- etc/corebird.profile | 3 +-- etc/cower.profile | 3 +-- etc/crow.profile | 3 +-- etc/curl.profile | 4 +--- etc/darktable.profile | 3 +-- etc/deadbeef.profile | 3 +-- etc/dex2jar.profile | 3 +-- etc/dia.profile | 3 +-- etc/dino.profile | 3 +-- etc/dooble.profile | 3 +-- etc/dragon.profile | 3 +-- etc/electrum.profile | 3 +-- etc/enpass.profile | 3 +-- etc/evolution.profile | 3 +-- etc/exfalso.profile | 3 +-- etc/falkon.profile | 3 +-- etc/feedreader.profile | 3 +-- etc/flameshot.profile | 3 +-- etc/flowblade.profile | 3 +-- etc/fontforge.profile | 3 +-- etc/freecad.profile | 3 +-- etc/gajim.profile | 3 +-- etc/gitg.profile | 3 +-- etc/github-desktop.profile | 3 +-- etc/gitter.profile | 3 +-- etc/globaltime.profile | 3 +-- etc/gnome-2048.profile | 3 +-- etc/gnome-books.profile | 3 +-- etc/gnome-documents.profile | 3 +-- etc/gnome-font-viewer.profile | 3 +-- etc/gnome-mplayer.profile | 3 +-- etc/gnome-music.profile | 3 +-- etc/gnome-nettool.profile | 3 +-- etc/gnome-photos.profile | 3 +-- etc/gnome-pie.profile | 3 +-- etc/gnome-recipes.profile | 3 +-- etc/gnome-ring.profile | 3 +-- etc/gnome-twitch.profile | 3 +-- etc/gnome-weather.profile | 3 +-- etc/google-earth.profile | 3 +-- etc/gpredict.profile | 3 +-- etc/gradio.profile | 3 +-- etc/guayadeque.profile | 3 +-- etc/hashcat.profile | 3 +-- etc/hugin.profile | 3 +-- etc/imagej.profile | 3 +-- etc/jd-gui.profile | 3 +-- etc/kaffeine.profile | 3 +-- etc/kdeinit4.profile | 3 +-- etc/keepass.profile | 3 +-- etc/kino.profile | 3 +-- etc/kopete.profile | 3 +-- etc/less.profile | 3 +-- etc/liferea.profile | 3 +-- etc/linphone.profile | 3 +-- etc/lmms.profile | 3 +-- etc/lollypop.profile | 3 +-- etc/luminance-hdr.profile | 3 +-- etc/lximage-qt.profile | 3 +-- etc/lxmusic.profile | 3 +-- etc/macrofusion.profile | 3 +-- etc/makepkg.profile | 3 +-- etc/mate-calc.profile | 3 +-- etc/mate-color-select.profile | 3 +-- etc/mate-dictionary.profile | 3 +-- etc/mediathekview.profile | 3 +-- etc/mendeleydesktop.profile | 3 +-- etc/min.profile | 3 +-- etc/mpDris2.profile | 3 +-- etc/mpd.profile | 3 +-- etc/mplayer.profile | 3 +-- etc/ms-office.profile | 3 +-- etc/multimc5.profile | 3 +-- etc/mumble.profile | 3 +-- etc/musixmatch.profile | 3 +-- etc/natron.profile | 3 +-- etc/ncdu.profile | 4 ++-- etc/nemo.profile | 3 +-- etc/nethack-vultures.profile | 3 +-- etc/nethack.profile | 3 +-- etc/neverball.profile | 3 +-- etc/nheko.profile | 3 +-- etc/nitroshare.profile | 3 +-- etc/nomacs.profile | 3 +-- etc/nyx.profile | 3 +-- etc/obs.profile | 3 +-- etc/onionshare-gui.profile | 3 +-- etc/orage.profile | 3 +-- etc/pdfmod.profile | 3 +-- etc/pdfsam.profile | 3 +-- etc/peek.profile | 3 +-- etc/picard.profile | 3 +-- etc/pithos.profile | 3 +-- etc/pitivi.profile | 3 +-- etc/polari.profile | 3 +-- etc/ppsspp.profile | 3 +-- etc/pragha.profile | 3 +-- etc/psi-plus.profile | 3 +-- etc/pybitmessage.profile | 3 +-- etc/qlipper.profile | 3 +-- etc/qmmp.profile | 3 +-- etc/quiterss.profile | 3 +-- etc/qupzilla.profile | 3 +-- etc/redeclipse.profile | 3 +-- etc/remmina.profile | 3 +-- etc/ricochet.profile | 3 +-- etc/ristretto.profile | 3 +-- etc/sayonara.profile | 3 +-- etc/scallion.profile | 4 +--- etc/scribus.profile | 3 +-- etc/sdat2img.profile | 3 +-- etc/shellcheck.profile | 3 +-- etc/silentarmy.profile | 3 +-- etc/skype.profile | 4 ++-- etc/slashem.profile | 3 +-- etc/smtube.profile | 3 +-- etc/spectre-meltdown-checker.profile | 3 +-- etc/spotify.profile | 3 +-- etc/stellarium.profile | 3 +-- etc/surf.profile | 3 +-- etc/synfigstudio.profile | 3 +-- etc/teamspeak3.profile | 3 +-- etc/telegram.profile | 3 +-- etc/tilp.profile | 3 +-- etc/tor.profile | 3 +-- etc/truecraft.profile | 3 +-- etc/uefitool.profile | 3 +-- etc/viking.profile | 3 +-- etc/vym.profile | 3 +-- etc/webui-aria2.profile | 3 +-- etc/xfce4-dict.profile | 3 +-- etc/xfce4-notes.profile | 3 +-- etc/xmr-stak.profile | 3 +-- etc/xonotic.profile | 3 +-- etc/xpdf.profile | 3 +-- etc/zaproxy.profile | 3 +-- etc/zart.profile | 3 +-- 161 files changed, 163 insertions(+), 326 deletions(-) (limited to 'etc') diff --git a/etc/Fritzing.profile b/etc/Fritzing.profile index 55fb7bae7..d318da885 100644 --- a/etc/Fritzing.profile +++ b/etc/Fritzing.profile @@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/JDownloader.profile b/etc/JDownloader.profile index 2803ebe07..d1bd5c9b2 100644 --- a/etc/JDownloader.profile +++ b/etc/JDownloader.profile @@ -16,6 +16,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -48,5 +49,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/QMediathekView.profile b/etc/QMediathekView.profile index 69dfbecfe..7cc50da15 100644 --- a/etc/QMediathekView.profile +++ b/etc/QMediathekView.profile @@ -21,6 +21,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -52,5 +53,3 @@ private-dev private-tmp # memory-deny-write-execute - breaks on Arch -noexec ${HOME} -noexec /tmp diff --git a/etc/QOwnNotes.profile b/etc/QOwnNotes.profile index 090845259..27ba00857 100644 --- a/etc/QOwnNotes.profile +++ b/etc/QOwnNotes.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.local/share/PBE include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -51,5 +52,3 @@ private-dev private-etc alternatives,fonts,ld.so.cache,pulse,resolv.conf,hosts,nsswitch.conf,host.conf,ca-certificates,ssl,pki,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/Viber.profile b/etc/Viber.profile index 01bb49a99..3f3ee8590 100644 --- a/etc/Viber.profile +++ b/etc/Viber.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.ViberPC include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,7 +36,5 @@ private-bin sh,bash,dig,awk,Viber private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf private-tmp -noexec ${HOME} -noexec /tmp env QTWEBENGINE_DISABLE_SANDBOX=1 diff --git a/etc/XMind.profile b/etc/XMind.profile index 6b767555c..a5b0a864e 100644 --- a/etc/XMind.profile +++ b/etc/XMind.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.xmind include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-bin XMind,sh,cp private-tmp private-dev -noexec ${HOME} -noexec /tmp diff --git a/etc/akregator.profile b/etc/akregator.profile index e7d0b74b9..2f35c55c0 100644 --- a/etc/akregator.profile +++ b/etc/akregator.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/akregator include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-bin akregator,akregatorstorageexporter,dbus-launch,kdeinit5,kshell5,kdei private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/amule.profile b/etc/amule.profile index e969bb1df..7cb2130bb 100644 --- a/etc/amule.profile +++ b/etc/amule.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.aMule include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-bin amule private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/apktool.profile b/etc/apktool.profile index bad0c9346..acddf010b 100644 --- a/etc/apktool.profile +++ b/etc/apktool.profile @@ -8,6 +8,7 @@ include apktool.local include globals.local include disable-common.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc @@ -33,6 +34,3 @@ shell none private-bin apktool,bash,java,dirname,basename,expr,sh private-cache private-dev - -noexec ${HOME} -noexec /tmp diff --git a/etc/archaudit-report.profile b/etc/archaudit-report.profile index 1b029d1ac..2f1715da1 100644 --- a/etc/archaudit-report.profile +++ b/etc/archaudit-report.profile @@ -11,6 +11,7 @@ noblacklist /var/lib/pacman include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-bin archaudit-report,arch-audit,bash,cat,comm,cut,date,fold,grep,pacman, private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/ardour5.profile b/etc/ardour5.profile index 377ce0a2c..211a32e22 100644 --- a/etc/ardour5.profile +++ b/etc/ardour5.profile @@ -14,6 +14,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-dev #private-etc alternatives,pulse,X11,alternatives,ardour4,ardour5,fonts,machine-id,asound.conf private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/arduino.profile b/etc/arduino.profile index ce4609340..2ea8445fe 100644 --- a/etc/arduino.profile +++ b/etc/arduino.profile @@ -19,6 +19,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ shell none private-cache private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/aria2c.profile b/etc/aria2c.profile index 6e5a87dab..68c83e573 100644 --- a/etc/aria2c.profile +++ b/etc/aria2c.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.aria2 include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-lib libreadline.so.* private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/arm.profile b/etc/arm.profile index d31b962ca..ae93e9665 100644 --- a/etc/arm.profile +++ b/etc/arm.profile @@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -49,5 +50,3 @@ private-dev private-etc alternatives,tor,passwd,ca-certificates,ssl,pki,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/atom.profile b/etc/atom.profile index 1c0afb277..e4ca96eaa 100644 --- a/etc/atom.profile +++ b/etc/atom.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.cargo/registry noblacklist ${HOME}/.gitconfig include disable-common.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,6 +36,3 @@ shell none private-cache private-dev private-tmp - -noexec ${HOME} -noexec /tmp diff --git a/etc/baobab.profile b/etc/baobab.profile index c223b138e..fc4e7f268 100644 --- a/etc/baobab.profile +++ b/etc/baobab.profile @@ -8,6 +8,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc # include disable-programs.inc @@ -33,5 +34,3 @@ private-dev private-tmp #memory-deny-write-execute - breaks on Arch -noexec ${HOME} -noexec /tmp diff --git a/etc/bitcoin-qt.profile b/etc/bitcoin-qt.profile index 74123ee51..8aae5d668 100644 --- a/etc/bitcoin-qt.profile +++ b/etc/bitcoin-qt.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/Bitcoin include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -46,5 +47,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/bleachbit.profile b/etc/bleachbit.profile index fae7d8133..cbc8c25d6 100644 --- a/etc/bleachbit.profile +++ b/etc/bleachbit.profile @@ -16,6 +16,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc # include disable-programs.inc @@ -41,5 +42,3 @@ private-dev # memory-deny-write-execute breaks some systems, see issue #1850 # memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/blender.profile b/etc/blender.profile index d23fe0810..bfe906408 100644 --- a/etc/blender.profile +++ b/etc/blender.profile @@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/bless.profile b/etc/bless.profile index 8315f4563..d4ac80db1 100644 --- a/etc/bless.profile +++ b/etc/bless.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/bless include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ private-dev private-etc alternatives,fonts,mono private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/bluefish.profile b/etc/bluefish.profile index ce47cb9ab..412088ba9 100644 --- a/etc/bluefish.profile +++ b/etc/bluefish.profile @@ -8,6 +8,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-bin bluefish private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/brasero.profile b/etc/brasero.profile index 5021db254..aa838380a 100644 --- a/etc/brasero.profile +++ b/etc/brasero.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/brasero include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -34,5 +35,3 @@ private-cache # private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/cin.profile b/etc/cin.profile index 02511c478..efeb9cd14 100644 --- a/etc/cin.profile +++ b/etc/cin.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.bcast5 include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ shell none private-cache private-dev -noexec ${HOME} -noexec /tmp diff --git a/etc/conky.profile b/etc/conky.profile index 846868be2..d5949ecfd 100644 --- a/etc/conky.profile +++ b/etc/conky.profile @@ -10,6 +10,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/corebird.profile b/etc/corebird.profile index bf2e97356..dbb043c17 100644 --- a/etc/corebird.profile +++ b/etc/corebird.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/corebird include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -34,5 +35,3 @@ private-bin corebird private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/cower.profile b/etc/cower.profile index ebd83b326..bc1eeedc0 100644 --- a/etc/cower.profile +++ b/etc/cower.profile @@ -19,6 +19,7 @@ noblacklist /var/lib/pacman include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -45,5 +46,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/crow.profile b/etc/crow.profile index 93f71cef8..8aa70a09c 100644 --- a/etc/crow.profile +++ b/etc/crow.profile @@ -13,6 +13,7 @@ whitelist ${HOME}/.cache/gstreamer-1.0 include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ private-opt none private-tmp private-srv none -noexec ${HOME} -noexec /tmp diff --git a/etc/curl.profile b/etc/curl.profile index 1783f1337..2703c6fe8 100644 --- a/etc/curl.profile +++ b/etc/curl.profile @@ -12,6 +12,7 @@ blacklist /tmp/.X11-unix noblacklist ${HOME}/.curlrc include disable-common.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,6 +36,3 @@ private-cache private-dev # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies private-tmp - -noexec ${HOME} -noexec /tmp diff --git a/etc/darktable.profile b/etc/darktable.profile index af834f90b..2a71ad11c 100644 --- a/etc/darktable.profile +++ b/etc/darktable.profile @@ -12,6 +12,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index f751b7bb0..8e67d9daa 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile @@ -11,6 +11,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -32,5 +33,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/dex2jar.profile b/etc/dex2jar.profile index b0226f1e9..06a6be3aa 100644 --- a/etc/dex2jar.profile +++ b/etc/dex2jar.profile @@ -14,6 +14,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-bin dex2jar,java,sh,bash,expr,dirname,ls,uname,grep private-cache private-dev -noexec ${HOME} -noexec /tmp diff --git a/etc/dia.profile b/etc/dia.profile index a0075acaf..921adaad5 100644 --- a/etc/dia.profile +++ b/etc/dia.profile @@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/dino.profile b/etc/dino.profile index e76499f8f..2db395e02 100644 --- a/etc/dino.profile +++ b/etc/dino.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.local/share/dino include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-dev # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies # breaks server connection private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/dooble.profile b/etc/dooble.profile index bc4a4c348..80bcce463 100644 --- a/etc/dooble.profile +++ b/etc/dooble.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.dooble include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/dragon.profile b/etc/dragon.profile index cdf941acd..fb8aaaf96 100644 --- a/etc/dragon.profile +++ b/etc/dragon.profile @@ -12,6 +12,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-bin dragon private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/electrum.profile b/etc/electrum.profile index 9d5cf7fab..88d27e47e 100644 --- a/etc/electrum.profile +++ b/etc/electrum.profile @@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -52,5 +53,3 @@ private-dev private-etc alternatives,fonts,dconf,ca-certificates,ssl,pki,crypto-policies,machine-id private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/enpass.profile b/etc/enpass.profile index 5e461bc43..284b9259d 100644 --- a/etc/enpass.profile +++ b/etc/enpass.profile @@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-opt Enpass private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/evolution.profile b/etc/evolution.profile index 9b6387538..71a7a5600 100644 --- a/etc/evolution.profile +++ b/etc/evolution.profile @@ -18,6 +18,7 @@ noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/exfalso.profile b/etc/exfalso.profile index b4d275d22..6146a8952 100644 --- a/etc/exfalso.profile +++ b/etc/exfalso.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -49,5 +50,3 @@ private-lib libatk-1.0.so.*,libgdk-3.so.*,libgdk_pixbuf-2.0.so.*,libgirepository private-tmp # memory-deny-write-execute - Breaks on Arch -noexec ${HOME} -noexec /tmp diff --git a/etc/falkon.profile b/etc/falkon.profile index 9fd446fe1..af6aaa1a7 100644 --- a/etc/falkon.profile +++ b/etc/falkon.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/falkon include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@res private-dev # private-tmp - interferes with the opening of downloaded files -noexec ${HOME} -noexec /tmp diff --git a/etc/feedreader.profile b/etc/feedreader.profile index 44ed475bc..e453cc611 100644 --- a/etc/feedreader.profile +++ b/etc/feedreader.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/feedreader include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/flameshot.profile b/etc/flameshot.profile index 39a23c813..cd3e07455 100644 --- a/etc/flameshot.profile +++ b/etc/flameshot.profile @@ -11,6 +11,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-etc alternatives,fonts,ld.so.conf,resolv.conf,ca-certificates,ssl,pki,cr private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/flowblade.profile b/etc/flowblade.profile index b57c27936..1e84d4ca6 100644 --- a/etc/flowblade.profile +++ b/etc/flowblade.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/fontforge.profile b/etc/fontforge.profile index dc4e43b09..f98ad9983 100644 --- a/etc/fontforge.profile +++ b/etc/fontforge.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/freecad.profile b/etc/freecad.profile index 11fe3245c..079c85fb1 100644 --- a/etc/freecad.profile +++ b/etc/freecad.profile @@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gajim.profile b/etc/gajim.profile index bdb40d7e1..36121c4b9 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile @@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -52,7 +53,5 @@ private-dev private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl private-tmp -noexec ${HOME} -noexec /tmp join-or-start gajim diff --git a/etc/gitg.profile b/etc/gitg.profile index f6d78cc54..a40d8791c 100644 --- a/etc/gitg.profile +++ b/etc/gitg.profile @@ -12,6 +12,7 @@ noblacklist ${HOME}/.ssh include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-tmp # mdwe breaks diff in older versions #memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/github-desktop.profile b/etc/github-desktop.profile index 934ac7c40..cddb5fcbf 100644 --- a/etc/github-desktop.profile +++ b/etc/github-desktop.profile @@ -13,6 +13,7 @@ include disable-common.inc include disable-passwdmgr.inc include disable-programs.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc caps.drop all @@ -44,5 +45,3 @@ private-dev private-tmp # memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/gitter.profile b/etc/gitter.profile index ab333d1fb..7d0831bc4 100644 --- a/etc/gitter.profile +++ b/etc/gitter.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Gitter include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-opt Gitter private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/globaltime.profile b/etc/globaltime.profile index c007fb0cc..bb78a608e 100644 --- a/etc/globaltime.profile +++ b/etc/globaltime.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.config/globaltime include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -34,5 +35,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile index ce83fbb66..9eb4c147d 100644 --- a/etc/gnome-2048.profile +++ b/etc/gnome-2048.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/gnome-2048 include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile index b880980bc..184751132 100644 --- a/etc/gnome-books.profile +++ b/etc/gnome-books.profile @@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-dev # private-etc alternatives,fonts private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile index 36b69ce90..078e8c34e 100644 --- a/etc/gnome-documents.profile +++ b/etc/gnome-documents.profile @@ -13,6 +13,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-font-viewer.profile b/etc/gnome-font-viewer.profile index c616b7381..468ef0401 100644 --- a/etc/gnome-font-viewer.profile +++ b/etc/gnome-font-viewer.profile @@ -9,6 +9,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index 3dd623ea9..12bee6448 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile @@ -12,6 +12,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -31,5 +32,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-music.profile b/etc/gnome-music.profile index f31b8af2c..6bebeb526 100644 --- a/etc/gnome-music.profile +++ b/etc/gnome-music.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -45,5 +46,3 @@ private-dev private-etc alternatives,fonts,machine-id,pulse,asound.conf private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-nettool.profile b/etc/gnome-nettool.profile index dd58f12d5..a763917d1 100644 --- a/etc/gnome-nettool.profile +++ b/etc/gnome-nettool.profile @@ -8,6 +8,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-dev private-lib libbind9.so.*,libcrypto.so.*,libdns.so.*,libirs.so.*,liblua.so.*,libssh2.so.*,libssl.so.* private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-photos.profile b/etc/gnome-photos.profile index c48ca50a5..4e5a3b109 100644 --- a/etc/gnome-photos.profile +++ b/etc/gnome-photos.profile @@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/gnome-photos include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ private-dev # private-etc alternatives,fonts private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-pie.profile b/etc/gnome-pie.profile index e542181fa..c1d2dae35 100644 --- a/etc/gnome-pie.profile +++ b/etc/gnome-pie.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/gnome-pie #include disable-common.inc include disable-devel.inc +include disable-exec.inc #include disable-interpreters.inc include disable-passwdmgr.inc #include disable-programs.inc @@ -38,5 +39,3 @@ private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.s private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-recipes.profile b/etc/gnome-recipes.profile index 24d3cbd87..1a897a5d8 100644 --- a/etc/gnome-recipes.profile +++ b/etc/gnome-recipes.profile @@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/gnome-recipes include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -46,5 +47,3 @@ private-etc alternatives,ca-certificates,fonts,ssl,crypto-policies,pki private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,libgnutls.so.*,libjpeg.so.*,libp11-kit.so.*,libproxy.so.*,librsvg-2.so.* private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-ring.profile b/etc/gnome-ring.profile index f660df690..78ceb9c4f 100644 --- a/etc/gnome-ring.profile +++ b/etc/gnome-ring.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.local/share/gnome-ring include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -31,5 +32,3 @@ disable-mnt # private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-twitch.profile b/etc/gnome-twitch.profile index 4b54d9627..5e8153035 100644 --- a/etc/gnome-twitch.profile +++ b/etc/gnome-twitch.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/gnome-twitch include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index baa5d39fd..ef7255130 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile @@ -12,6 +12,7 @@ noblacklist ${HOME}/.cache/libgweather include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-dev # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/google-earth.profile b/etc/google-earth.profile index e075bfe9a..a29e0d563 100644 --- a/etc/google-earth.profile +++ b/etc/google-earth.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.googleearth/myplaces.kml include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -48,5 +49,3 @@ private-bin google-earth,sh,bash,grep,sed,ls,dirname private-dev private-opt google -noexec ${HOME} -noexec /tmp diff --git a/etc/gpredict.profile b/etc/gpredict.profile index 38897f184..be3742fe3 100644 --- a/etc/gpredict.profile +++ b/etc/gpredict.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Gpredict include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ private-dev private-etc alternatives,fonts,resolv.conf,ca-certificates,ssl,pki,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/gradio.profile b/etc/gradio.profile index eec7376b4..75c793f61 100644 --- a/etc/gradio.profile +++ b/etc/gradio.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/gradio include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ shell none private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/guayadeque.profile b/etc/guayadeque.profile index 22457c547..8ffd7ff58 100644 --- a/etc/guayadeque.profile +++ b/etc/guayadeque.profile @@ -10,6 +10,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -31,5 +32,3 @@ private-bin guayadeque private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/hashcat.profile b/etc/hashcat.profile index bf4836c45..4ed099fae 100644 --- a/etc/hashcat.profile +++ b/etc/hashcat.profile @@ -13,6 +13,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/hugin.profile b/etc/hugin.profile index 1e235f381..3d8921120 100644 --- a/etc/hugin.profile +++ b/etc/hugin.profile @@ -12,6 +12,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/imagej.profile b/etc/imagej.profile index 9ff0f9203..9d0ab43a0 100644 --- a/etc/imagej.profile +++ b/etc/imagej.profile @@ -16,6 +16,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-bin imagej,bash,grep,sort,tail,tr,cut,whoami,hostname,uname,mkdir,ls,tou private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile index 443e6b550..dce44e5d4 100644 --- a/etc/jd-gui.profile +++ b/etc/jd-gui.profile @@ -16,6 +16,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -44,5 +45,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/kaffeine.profile b/etc/kaffeine.profile index 85870da36..c7f811939 100644 --- a/etc/kaffeine.profile +++ b/etc/kaffeine.profile @@ -17,6 +17,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/kdeinit4.profile b/etc/kdeinit4.profile index cd7c4cae3..f786c78d5 100644 --- a/etc/kdeinit4.profile +++ b/etc/kdeinit4.profile @@ -9,6 +9,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ private-bin kdeinit4,kbuildsycoca4,kded4,knotify4 private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/keepass.profile b/etc/keepass.profile index 788561a14..57a24d821 100644 --- a/etc/keepass.profile +++ b/etc/keepass.profile @@ -17,6 +17,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/kino.profile b/etc/kino.profile index ead42f9ca..9e8d61391 100644 --- a/etc/kino.profile +++ b/etc/kino.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.kinorc include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -31,5 +32,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/kopete.profile b/etc/kopete.profile index fef415f6e..5e931ddac 100644 --- a/etc/kopete.profile +++ b/etc/kopete.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.kde4/share/config/kopeterc include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ writable-var private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/less.profile b/etc/less.profile index 16940853c..5ad7cb959 100644 --- a/etc/less.profile +++ b/etc/less.profile @@ -9,6 +9,7 @@ include less.local #include globals.local blacklist /tmp/.X11-unix +include disable-exec.inc ignore noroot apparmor @@ -34,7 +35,5 @@ private-cache private-dev memory-deny-write-execute -noexec ${HOME} -noexec /tmp include default.profile diff --git a/etc/liferea.profile b/etc/liferea.profile index 5927747b8..e778d7b55 100644 --- a/etc/liferea.profile +++ b/etc/liferea.profile @@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -52,5 +53,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/linphone.profile b/etc/linphone.profile index cd35dc2bf..dc156b298 100644 --- a/etc/linphone.profile +++ b/etc/linphone.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.linphonerc include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/lmms.profile b/etc/lmms.profile index 6c81b9172..98ddd03e5 100644 --- a/etc/lmms.profile +++ b/etc/lmms.profile @@ -12,6 +12,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/lollypop.profile b/etc/lollypop.profile index c4717965a..76b8ed75c 100644 --- a/etc/lollypop.profile +++ b/etc/lollypop.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-dev private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/luminance-hdr.profile b/etc/luminance-hdr.profile index 38f2ab10c..2b0feaa17 100644 --- a/etc/luminance-hdr.profile +++ b/etc/luminance-hdr.profile @@ -11,6 +11,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/lximage-qt.profile b/etc/lximage-qt.profile index c275a69c8..74adb7a67 100644 --- a/etc/lximage-qt.profile +++ b/etc/lximage-qt.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/lximage-qt include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/lxmusic.profile b/etc/lxmusic.profile index e0c03db50..e1a37343e 100644 --- a/etc/lxmusic.profile +++ b/etc/lxmusic.profile @@ -12,6 +12,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/macrofusion.profile b/etc/macrofusion.profile index 793cd59bb..7d42f2bfe 100644 --- a/etc/macrofusion.profile +++ b/etc/macrofusion.profile @@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -44,5 +45,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/makepkg.profile b/etc/makepkg.profile index 317a3dd78..55bea9c5e 100644 --- a/etc/makepkg.profile +++ b/etc/makepkg.profile @@ -31,6 +31,7 @@ blacklist ${HOME}/.gnupg/openpgp-revocs.d noblacklist /var/lib/pacman include disable-common.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc @@ -54,5 +55,3 @@ disable-mnt private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile index 1d3c21e3f..ac5577b4c 100644 --- a/etc/mate-calc.profile +++ b/etc/mate-calc.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/mate-calc include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -45,5 +46,3 @@ private-opt none private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/mate-color-select.profile b/etc/mate-color-select.profile index a344f70e1..bd3631445 100644 --- a/etc/mate-color-select.profile +++ b/etc/mate-color-select.profile @@ -8,6 +8,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-lib private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/mate-dictionary.profile b/etc/mate-dictionary.profile index 196f5b2c3..1217910a0 100644 --- a/etc/mate-dictionary.profile +++ b/etc/mate-dictionary.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.config/mate/mate-dictionary include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile index a438634f3..497014dab 100644 --- a/etc/mediathekview.profile +++ b/etc/mediathekview.profile @@ -26,6 +26,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -50,5 +51,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/mendeleydesktop.profile b/etc/mendeleydesktop.profile index a3d6092f1..d54371371 100644 --- a/etc/mendeleydesktop.profile +++ b/etc/mendeleydesktop.profile @@ -24,6 +24,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -50,5 +51,3 @@ private-bin mendeleydesktop,python*,env,gconftool-2,which,sh,ln,cat,update-deskt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/min.profile b/etc/min.profile index eb1163175..e775ed42d 100644 --- a/etc/min.profile +++ b/etc/min.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.local/share/pki include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-programs.inc @@ -48,5 +49,3 @@ private-etc alternatives,ca-certificates,ssl,machine-id,dconf,selinux,passwd,gro private-tmp # memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/mpDris2.profile b/etc/mpDris2.profile index b179ecfaf..81bf88b8b 100644 --- a/etc/mpDris2.profile +++ b/etc/mpDris2.profile @@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -47,7 +48,5 @@ private-lib libdbus-1.so.*,libdbus-glib-1.so.*,libgirepository-1.0.so.*,libnotif private-tmp # memory-deny-write-execute - Breaks on Arch -noexec ${HOME} -noexec /tmp read-only ${HOME} diff --git a/etc/mpd.profile b/etc/mpd.profile index e06b83aa9..0a98de7c4 100644 --- a/etc/mpd.profile +++ b/etc/mpd.profile @@ -13,6 +13,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/mplayer.profile b/etc/mplayer.profile index 8c0b50eca..877b92564 100644 --- a/etc/mplayer.profile +++ b/etc/mplayer.profile @@ -12,6 +12,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ private-bin mplayer private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/ms-office.profile b/etc/ms-office.profile index f23617f8d..f8e75379e 100644 --- a/etc/ms-office.profile +++ b/etc/ms-office.profile @@ -18,6 +18,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/multimc5.profile b/etc/multimc5.profile index 75e6e2804..b6407c4f9 100644 --- a/etc/multimc5.profile +++ b/etc/multimc5.profile @@ -18,6 +18,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -47,5 +48,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/mumble.profile b/etc/mumble.profile index 276e77c68..04bb1b5f0 100644 --- a/etc/mumble.profile +++ b/etc/mumble.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/data/Mumble include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-bin mumble private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/musixmatch.profile b/etc/musixmatch.profile index 54d9fb16e..727269a61 100644 --- a/etc/musixmatch.profile +++ b/etc/musixmatch.profile @@ -9,6 +9,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc @@ -33,5 +34,3 @@ disable-mnt private-dev private-etc alternatives,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies -noexec ${HOME} -noexec /tmp diff --git a/etc/natron.profile b/etc/natron.profile index 85e23c759..3f997a7a0 100644 --- a/etc/natron.profile +++ b/etc/natron.profile @@ -20,6 +20,7 @@ noblacklist /opt/natron include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ shell none private-bin natron,Natron,NatronRenderer -noexec ${HOME} -noexec /tmp diff --git a/etc/ncdu.profile b/etc/ncdu.profile index ac0fd19b2..c18e1c4bf 100644 --- a/etc/ncdu.profile +++ b/etc/ncdu.profile @@ -6,6 +6,8 @@ include ncdu.local # Persistent global definitions include globals.local +include disable-exec.inc + caps.drop all ipc-namespace nodbus @@ -27,5 +29,3 @@ private-dev # private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/nemo.profile b/etc/nemo.profile index 2364ea4a7..a23ba1700 100644 --- a/etc/nemo.profile +++ b/etc/nemo.profile @@ -21,6 +21,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc @@ -38,5 +39,3 @@ protocol unix,inet,inet6 seccomp shell none -noexec ${HOME} -noexec /tmp diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile index 771430337..2c23a4868 100644 --- a/etc/nethack-vultures.profile +++ b/etc/nethack-vultures.profile @@ -12,6 +12,7 @@ noblacklist /var/log include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-dev private-tmp writable-var -noexec ${HOME} -noexec /tmp diff --git a/etc/nethack.profile b/etc/nethack.profile index 8f63a133a..5375d2f4f 100644 --- a/etc/nethack.profile +++ b/etc/nethack.profile @@ -11,6 +11,7 @@ noblacklist /var/games/nethack include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-tmp writable-var #memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/neverball.profile b/etc/neverball.profile index 34493485a..84c634549 100644 --- a/etc/neverball.profile +++ b/etc/neverball.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.neverball include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ private-bin neverball private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/nheko.profile b/etc/nheko.profile index ea99b2f5a..2dfddf872 100644 --- a/etc/nheko.profile +++ b/etc/nheko.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.cache/nheko/nheko include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ disable-mnt private-bin nheko private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/nitroshare.profile b/etc/nitroshare.profile index 4d2c5bdf2..7aba69490 100644 --- a/etc/nitroshare.profile +++ b/etc/nitroshare.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -48,5 +49,3 @@ private-etc alternatives,ca-certificates,dconf,fonts,hostname,hosts,ld.so.cache, private-tmp # memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/nomacs.profile b/etc/nomacs.profile index 4bda5cbce..fd154b1c4 100644 --- a/etc/nomacs.profile +++ b/etc/nomacs.profile @@ -13,6 +13,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -44,5 +45,3 @@ private-etc alternatives,hosts,ca-certificates,ssl,pki,crypto-policies,resolv.co private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/nyx.profile b/etc/nyx.profile index 2a078ef0f..ed39283b2 100644 --- a/etc/nyx.profile +++ b/etc/nyx.profile @@ -17,6 +17,7 @@ whitelist ${HOME}/.nyx include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -47,5 +48,3 @@ private-opt none private-srv none private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/obs.profile b/etc/obs.profile index 5e3ce092a..1f02efc7f 100644 --- a/etc/obs.profile +++ b/etc/obs.profile @@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -44,5 +45,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/onionshare-gui.profile b/etc/onionshare-gui.profile index 75f6194a6..3ee78c59d 100644 --- a/etc/onionshare-gui.profile +++ b/etc/onionshare-gui.profile @@ -14,6 +14,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/orage.profile b/etc/orage.profile index 29b8ef749..2c55ab909 100644 --- a/etc/orage.profile +++ b/etc/orage.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/orage include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/pdfmod.profile b/etc/pdfmod.profile index 3b6116c85..177070e83 100644 --- a/etc/pdfmod.profile +++ b/etc/pdfmod.profile @@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,5 +41,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile index 4eed98e88..98dcce0b7 100644 --- a/etc/pdfsam.profile +++ b/etc/pdfsam.profile @@ -17,6 +17,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -44,5 +45,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/peek.profile b/etc/peek.profile index 06e7b3e62..fd836560e 100644 --- a/etc/peek.profile +++ b/etc/peek.profile @@ -11,6 +11,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/picard.profile b/etc/picard.profile index 26002e14d..b756ed629 100644 --- a/etc/picard.profile +++ b/etc/picard.profile @@ -20,6 +20,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -44,5 +45,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/pithos.profile b/etc/pithos.profile index 6492ace7b..d6a0a7822 100644 --- a/etc/pithos.profile +++ b/etc/pithos.profile @@ -16,6 +16,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-bin pithos,env,python* private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/pitivi.profile b/etc/pitivi.profile index ac7922833..83f5ccbb9 100644 --- a/etc/pitivi.profile +++ b/etc/pitivi.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/polari.profile b/etc/polari.profile index 5fa717cb3..b9f81eece 100644 --- a/etc/polari.profile +++ b/etc/polari.profile @@ -9,6 +9,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-programs.inc @@ -45,5 +46,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/ppsspp.profile b/etc/ppsspp.profile index 0c8bfa770..480a03e49 100644 --- a/etc/ppsspp.profile +++ b/etc/ppsspp.profile @@ -13,6 +13,7 @@ noblacklist /usr/lib/llvm* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf private-opt ppsspp private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/pragha.profile b/etc/pragha.profile index a595caee9..4e6840636 100644 --- a/etc/pragha.profile +++ b/etc/pragha.profile @@ -11,6 +11,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-dev private-etc alternatives,asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile index 7ec789440..087f90966 100644 --- a/etc/psi-plus.profile +++ b/etc/psi-plus.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.local/share/psi+ include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/pybitmessage.profile b/etc/pybitmessage.profile index 63ae156a1..28ab8caa6 100644 --- a/etc/pybitmessage.profile +++ b/etc/pybitmessage.profile @@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc include disable-interpreters.inc @@ -47,5 +48,3 @@ private-dev private-etc alternatives,PyBitmessage,PyBitmessage.conf,Trolltech.conf,fonts,gtk-2.0,hosts,ld.so.cache,ld.so.preload,localtime,pki,resolv.conf,selinux,sni-qt.conf,system-fips,xdg,ca-certificates,ssl,pki,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/qlipper.profile b/etc/qlipper.profile index ec0b6c64d..fb9dca48f 100644 --- a/etc/qlipper.profile +++ b/etc/qlipper.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Qlipper include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/qmmp.profile b/etc/qmmp.profile index 66c27a585..f786e73b7 100644 --- a/etc/qmmp.profile +++ b/etc/qmmp.profile @@ -11,6 +11,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc @@ -34,5 +35,3 @@ private-bin qmmp,tar,unzip,bzip2,gzip private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/quiterss.profile b/etc/quiterss.profile index e6c441e27..41c84425b 100644 --- a/etc/quiterss.profile +++ b/etc/quiterss.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.local/share/QuiteRss include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -49,5 +50,3 @@ private-bin quiterss private-dev # private-etc alternatives,X11,ssl,pki,ca-certificates,crypto-policies -noexec ${HOME} -noexec /tmp diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile index eef0c8fa6..1b23b2baf 100644 --- a/etc/qupzilla.profile +++ b/etc/qupzilla.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/qupzilla include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ private-dev # private-etc alternatives,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,adobe,mime.types,mailcap,asound.conf,pulse,machine-id,ca-certificates,ssl,pki,crypto-policies # private-tmp - interferes with the opening of downloaded files -noexec ${HOME} -noexec /tmp diff --git a/etc/redeclipse.profile b/etc/redeclipse.profile index 278514538..bb1ad56d3 100644 --- a/etc/redeclipse.profile +++ b/etc/redeclipse.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.redeclipse include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/remmina.profile b/etc/remmina.profile index 888f3819f..a77f2d8aa 100644 --- a/etc/remmina.profile +++ b/etc/remmina.profile @@ -13,6 +13,7 @@ noblacklist ${HOME}/.ssh include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -37,5 +38,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/ricochet.profile b/etc/ricochet.profile index a67d6b7ca..3cb30c459 100644 --- a/etc/ricochet.profile +++ b/etc/ricochet.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/Ricochet include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ private-bin ricochet,tor private-dev #private-etc alternatives,fonts,tor,X11,alternatives,ca-certificates,ssl,pki,crypto-policies -noexec ${HOME} -noexec /tmp diff --git a/etc/ristretto.profile b/etc/ristretto.profile index e6b22b914..8fcbb203c 100644 --- a/etc/ristretto.profile +++ b/etc/ristretto.profile @@ -12,6 +12,7 @@ noblacklist ${HOME}/.steam include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/sayonara.profile b/etc/sayonara.profile index ce86c80f9..8f0544f33 100644 --- a/etc/sayonara.profile +++ b/etc/sayonara.profile @@ -10,6 +10,7 @@ noblacklist ${MUSIC} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc @@ -32,5 +33,3 @@ private-bin sayonara private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/scallion.profile b/etc/scallion.profile index b4d0ef240..232ec4346 100644 --- a/etc/scallion.profile +++ b/etc/scallion.profile @@ -13,6 +13,7 @@ noblacklist ${PATH}/openssl-1.0 noblacklist ${DOCUMENTS} include disable-common.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -40,6 +41,3 @@ disable-mnt private private-dev private-tmp - -noexec ${HOME} -noexec /tmp diff --git a/etc/scribus.profile b/etc/scribus.profile index 5bec43d85..d8dc7b0e0 100644 --- a/etc/scribus.profile +++ b/etc/scribus.profile @@ -36,6 +36,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -63,5 +64,3 @@ tracelog private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/sdat2img.profile b/etc/sdat2img.profile index d78b51766..485326fcc 100644 --- a/etc/sdat2img.profile +++ b/etc/sdat2img.profile @@ -16,6 +16,7 @@ noblacklist /usr/local/lib/python3* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-bin sdat2img,env,python* private-cache private-dev -noexec ${HOME} -noexec /tmp diff --git a/etc/shellcheck.profile b/etc/shellcheck.profile index 429633a6d..b8974e416 100644 --- a/etc/shellcheck.profile +++ b/etc/shellcheck.profile @@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-dev private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/silentarmy.profile b/etc/silentarmy.profile index 5ef96a4ea..7aeb2909b 100644 --- a/etc/silentarmy.profile +++ b/etc/silentarmy.profile @@ -8,6 +8,7 @@ include globals.local include disable-common.inc # include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ private-dev private-opt none private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/skype.profile b/etc/skype.profile index 09b9baa11..55057c546 100644 --- a/etc/skype.profile +++ b/etc/skype.profile @@ -9,8 +9,10 @@ noblacklist ${HOME}/.Skype include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-devel.inc +include disable-exec.inc include disable-programs.inc caps.drop all @@ -31,5 +33,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/slashem.profile b/etc/slashem.profile index 0a372ce5f..011698e1f 100644 --- a/etc/slashem.profile +++ b/etc/slashem.profile @@ -11,6 +11,7 @@ noblacklist /var/games/slashem include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-tmp writable-var #memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/smtube.profile b/etc/smtube.profile index 24f3db40a..1c7c6c0d2 100644 --- a/etc/smtube.profile +++ b/etc/smtube.profile @@ -17,6 +17,7 @@ noblacklist ${VIDEOS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -41,5 +42,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile index b43047401..74582dd2f 100644 --- a/etc/spectre-meltdown-checker.profile +++ b/etc/spectre-meltdown-checker.profile @@ -20,6 +20,7 @@ noblacklist /usr/share/perl* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -49,5 +50,3 @@ private-cache private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/spotify.profile b/etc/spotify.profile index 60d15735d..6f7f6ec85 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile @@ -16,6 +16,7 @@ noblacklist ${HOME}/.local/share/spotify include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -50,5 +51,3 @@ private-etc alternatives,fonts,group,ld.so.cache,machine-id,pulse,resolv.conf,ho private-opt spotify private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/stellarium.profile b/etc/stellarium.profile index 7d0000fb3..d6df2e0ad 100644 --- a/etc/stellarium.profile +++ b/etc/stellarium.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.stellarium include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -42,5 +43,3 @@ private-bin stellarium private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/surf.profile b/etc/surf.profile index 4fad4a81d..0504b5fe5 100644 --- a/etc/surf.profile +++ b/etc/surf.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.surf include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-dev private-etc alternatives,passwd,group,hosts,resolv.conf,fonts,ssl,pki,ca-certificates,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/synfigstudio.profile b/etc/synfigstudio.profile index 9ce1bb183..33086a99d 100644 --- a/etc/synfigstudio.profile +++ b/etc/synfigstudio.profile @@ -11,6 +11,7 @@ noblacklist ${HOME}/.synfig include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/teamspeak3.profile b/etc/teamspeak3.profile index 25928882b..8d5917148 100644 --- a/etc/teamspeak3.profile +++ b/etc/teamspeak3.profile @@ -11,6 +11,7 @@ noblacklist ${PATH}/openssl include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/telegram.profile b/etc/telegram.profile index fb2c06a27..e3af5600a 100644 --- a/etc/telegram.profile +++ b/etc/telegram.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/TelegramDesktop include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-programs.inc @@ -26,5 +27,3 @@ disable-mnt private-cache private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/tilp.profile b/etc/tilp.profile index 2643c9a84..4d38d5184 100644 --- a/etc/tilp.profile +++ b/etc/tilp.profile @@ -9,6 +9,7 @@ noblacklist ${HOME}/.tilp include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -32,5 +33,3 @@ private-cache private-etc alternatives,fonts private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/tor.profile b/etc/tor.profile index 418352639..e80fbadb0 100644 --- a/etc/tor.profile +++ b/etc/tor.profile @@ -19,6 +19,7 @@ include globals.local include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -49,5 +50,3 @@ private-dev private-etc alternatives,tor,passwd,ca-certificates,ssl,pki,crypto-policies private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/truecraft.profile b/etc/truecraft.profile index ae1d85473..e76d52219 100644 --- a/etc/truecraft.profile +++ b/etc/truecraft.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/truecraft include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/uefitool.profile b/etc/uefitool.profile index 218b41e15..8ab0e9a26 100644 --- a/etc/uefitool.profile +++ b/etc/uefitool.profile @@ -9,6 +9,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -35,5 +36,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/viking.profile b/etc/viking.profile index baf268691..5b6228a94 100644 --- a/etc/viking.profile +++ b/etc/viking.profile @@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -34,5 +35,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/vym.profile b/etc/vym.profile index bb3f6ac56..fbb53943c 100644 --- a/etc/vym.profile +++ b/etc/vym.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/InSilmaril include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/webui-aria2.profile b/etc/webui-aria2.profile index 5bc9c122b..0cd1e05ab 100644 --- a/etc/webui-aria2.profile +++ b/etc/webui-aria2.profile @@ -10,6 +10,7 @@ noblacklist ${PATH}/node include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -34,5 +35,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/xfce4-dict.profile b/etc/xfce4-dict.profile index 0dc021ef3..bc499bd30 100644 --- a/etc/xfce4-dict.profile +++ b/etc/xfce4-dict.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/xfce4-dict include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -34,5 +35,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/xfce4-notes.profile b/etc/xfce4-notes.profile index df1b575b2..4dad1bf7a 100644 --- a/etc/xfce4-notes.profile +++ b/etc/xfce4-notes.profile @@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/notes include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -36,5 +37,3 @@ private-cache private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/xmr-stak.profile b/etc/xmr-stak.profile index 99c9676b8..3fbdf66ab 100644 --- a/etc/xmr-stak.profile +++ b/etc/xmr-stak.profile @@ -10,6 +10,7 @@ noblacklist /usr/lib/llvm* include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -43,5 +44,3 @@ private-opt cuda private-tmp memory-deny-write-execute -noexec ${HOME} -noexec /tmp diff --git a/etc/xonotic.profile b/etc/xonotic.profile index 9d422a01e..09c0639f8 100644 --- a/etc/xonotic.profile +++ b/etc/xonotic.profile @@ -10,6 +10,7 @@ noblacklist ${HOME}/.xonotic include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -39,5 +40,3 @@ private-dev private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies,machine-id private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/xpdf.profile b/etc/xpdf.profile index 4a82942ad..8c405ba1d 100644 --- a/etc/xpdf.profile +++ b/etc/xpdf.profile @@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -38,5 +39,3 @@ shell none private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/zaproxy.profile b/etc/zaproxy.profile index cc572cbfe..dc3164da1 100644 --- a/etc/zaproxy.profile +++ b/etc/zaproxy.profile @@ -17,6 +17,7 @@ noblacklist /usr/share/java include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -47,5 +48,3 @@ disable-mnt private-dev private-tmp -noexec ${HOME} -noexec /tmp diff --git a/etc/zart.profile b/etc/zart.profile index 32df94841..f380e93f0 100644 --- a/etc/zart.profile +++ b/etc/zart.profile @@ -11,6 +11,7 @@ noblacklist ${PICTURES} include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -33,5 +34,3 @@ shell none private-bin zart,ffmpeg,melt,ffprobe,ffplay private-dev -noexec ${HOME} -noexec /tmp -- cgit v1.2.3-70-g09d2