From 6a13ff2321f48df89251a7726c7f6ba06aecaa0f Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sun, 2 May 2021 14:23:41 +0000 Subject: [PATCH] harden audio-recorder (#4233) --- etc/profile-a-l/audio-recorder.profile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/etc/profile-a-l/audio-recorder.profile b/etc/profile-a-l/audio-recorder.profile index b2ed3b03042..2c7fdc81209 100644 --- a/etc/profile-a-l/audio-recorder.profile +++ b/etc/profile-a-l/audio-recorder.profile @@ -20,6 +20,7 @@ include disable-xdg.inc whitelist ${MUSIC} whitelist ${DOWNLOADS} whitelist /usr/share/audio-recorder +whitelist /usr/share/gstreamer-1.0 include whitelist-common.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc @@ -44,7 +45,11 @@ tracelog disable-mnt # private-bin audio-recorder private-cache -private-etc alternatives,fonts +private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload private-tmp +dbus-user filter +dbus-user.talk ca.desrt.dconf +dbus-system none + # memory-deny-write-execute - breaks on Arch