From b9a82b54c83113dad210a83f2f88187a01f7dcbd Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Mon, 11 May 2020 16:57:33 +0200 Subject: [PATCH 1/4] disable-shell.inc --- etc/inc/disable-shell.inc | 13 +++++++++++++ etc/profile-a-l/gfeeds.profile | 1 + etc/profile-m-z/minetest.profile | 1 + etc/profile-m-z/strings.profile | 1 + etc/profile-m-z/youtube-dl.profile | 1 + etc/templates/profile.template | 1 + 6 files changed, 18 insertions(+) create mode 100644 etc/inc/disable-shell.inc diff --git a/etc/inc/disable-shell.inc b/etc/inc/disable-shell.inc new file mode 100644 index 00000000000..fda528eb6ac --- /dev/null +++ b/etc/inc/disable-shell.inc @@ -0,0 +1,13 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include disable-shell.local + +blacklist ${PATH}/bash +blacklist ${PATH}/csh +blacklist ${PATH}/dash +blacklist ${PATH}/fish +blacklist ${PATH}/ksh +blacklist ${PATH}/sh +blacklist ${PATH}/tclsh +blacklist ${PATH}/tcsh +blacklist ${PATH}/zsh diff --git a/etc/profile-a-l/gfeeds.profile b/etc/profile-a-l/gfeeds.profile index 587a12a934f..d97ab530b47 100644 --- a/etc/profile-a-l/gfeeds.profile +++ b/etc/profile-a-l/gfeeds.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/gfeeds diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index f201b13d730..fa7d9edb0d2 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/minetest diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile index 31ed5dd3f61..426b2dc1cde 100644 --- a/etc/profile-m-z/strings.profile +++ b/etc/profile-m-z/strings.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc #include disable-programs.inc +include disable-shell.inc #include disable-xdg.inc #include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile index 061d873b393..db3535f786c 100644 --- a/etc/profile-m-z/youtube-dl.profile +++ b/etc/profile-m-z/youtube-dl.profile @@ -30,6 +30,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/templates/profile.template b/etc/templates/profile.template index be1175ce3fc..02d9fa076c3 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template @@ -109,6 +109,7 @@ include globals.local #include disable-interpreters.inc #include disable-passwdmgr.inc #include disable-programs.inc +#include disable-shell.inc #include disable-xdg.inc # This section often mirrors noblacklist section above. The idea is From ff68d2f616780506b09fdd07b4b9b2adda78bea2 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Fri, 15 May 2020 18:43:01 +0200 Subject: [PATCH 2/4] =?UTF-8?q?add=20disable-shell.inc=20to=20all=20profil?= =?UTF-8?q?es=20with=20a=20=E2=80=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit … private-bin line without bash/sh except profiles with redirect profiles. --- etc/profile-a-l/abiword.profile | 1 + etc/profile-a-l/akregator.profile | 1 + etc/profile-a-l/anki.profile | 1 + etc/profile-a-l/anydesk.profile | 3 ++- etc/profile-a-l/ar.profile | 1 + etc/profile-a-l/arch-audit.profile | 1 + etc/profile-a-l/aria2c.profile | 1 + etc/profile-a-l/artha.profile | 1 + etc/profile-a-l/assogiate.profile | 1 + etc/profile-a-l/audacity.profile | 1 + etc/profile-a-l/aweather.profile | 1 + etc/profile-a-l/baobab.profile | 1 + etc/profile-a-l/bitcoin-qt.profile | 1 + etc/profile-a-l/bitwarden.profile | 1 + etc/profile-a-l/blobwars.profile | 1 + etc/profile-a-l/bzflag.profile | 1 + etc/profile-a-l/cameramonitor.profile | 1 + etc/profile-a-l/cantata.profile | 1 + etc/profile-a-l/cmus.profile | 1 + etc/profile-a-l/com.github.dahenson.agenda.profile | 1 + etc/profile-a-l/com.github.johnfactotum.Foliate.profile | 1 + etc/profile-a-l/corebird.profile | 1 + etc/profile-a-l/cower.profile | 1 + etc/profile-a-l/crow.profile | 1 + etc/profile-a-l/d-feet.profile | 1 + etc/profile-a-l/dconf-editor.profile | 1 + etc/profile-a-l/devhelp.profile | 1 + etc/profile-a-l/dino.profile | 1 + etc/profile-a-l/display.profile | 1 + etc/profile-a-l/dosbox.profile | 1 + etc/profile-a-l/dragon.profile | 1 + etc/profile-a-l/drawio.profile | 1 + etc/profile-a-l/electron-mail.profile | 1 + etc/profile-a-l/electrum.profile | 1 + etc/profile-a-l/etr.profile | 1 + etc/profile-a-l/exfalso.profile | 1 + etc/profile-a-l/fbreader.profile | 1 + etc/profile-a-l/feh.profile | 1 + etc/profile-a-l/font-manager.profile | 1 + etc/profile-a-l/galculator.profile | 1 + etc/profile-a-l/ghostwriter.profile | 1 + etc/profile-a-l/gnome-characters.profile | 1 + etc/profile-a-l/gnome-chess.profile | 1 + etc/profile-a-l/gnome-hexgl.profile | 1 + etc/profile-a-l/gnome-passwordsafe.profile | 1 + etc/profile-a-l/gnome-recipes.profile | 1 + etc/profile-a-l/gnome-system-log.profile | 1 + etc/profile-a-l/gnome-todo.profile | 1 + etc/profile-a-l/gpicview.profile | 1 + etc/profile-a-l/gpredict.profile | 1 + etc/profile-a-l/gravity-beams-and-evaporating-stars.profile | 1 + etc/profile-a-l/gthumb.profile | 1 + etc/profile-a-l/gtk-update-icon-cache.profile | 1 + etc/profile-a-l/guayadeque.profile | 1 + etc/profile-a-l/gwenview.profile | 1 + etc/profile-a-l/hexchat.profile | 1 + etc/profile-a-l/highlight.profile | 1 + etc/profile-a-l/hugin.profile | 1 + etc/profile-a-l/hyperrogue.profile | 1 + etc/profile-a-l/iagno.profile | 1 + etc/profile-a-l/kcalc.profile | 1 + etc/profile-a-l/kdeinit4.profile | 1 + etc/profile-a-l/konversation.profile | 1 + etc/profile-a-l/ktorrent.profile | 1 + etc/profile-a-l/ktouch.profile | 1 + etc/profile-a-l/kwin_x11.profile | 1 + etc/profile-a-l/kwrite.profile | 1 + etc/profile-a-l/leafpad.profile | 1 + etc/profile-a-l/lincity-ng.profile | 1 + etc/profile-a-l/lugaru.profile | 1 + etc/profile-m-z/Maelstrom.profile | 1 + etc/profile-m-z/QMediathekView.profile | 1 + etc/profile-m-z/QOwnNotes.profile | 1 + etc/profile-m-z/macrofusion.profile | 1 + etc/profile-m-z/magicor.profile | 1 + etc/profile-m-z/manaplus.profile | 1 + etc/profile-m-z/mate-color-select.profile | 1 + etc/profile-m-z/mate-dictionary.profile | 1 + etc/profile-m-z/mcabber.profile | 1 + etc/profile-m-z/mediainfo.profile | 1 + etc/profile-m-z/meld.profile | 1 + etc/profile-m-z/meteo-qt.profile | 1 + etc/profile-m-z/mindless.profile | 1 + etc/profile-m-z/mirrormagic.profile | 1 + etc/profile-m-z/mousepad.profile | 1 + etc/profile-m-z/mp3splt-gtk.profile | 1 + etc/profile-m-z/mpDris2.profile | 1 + etc/profile-m-z/mpsyt.profile | 1 + etc/profile-m-z/mpv.profile | 1 + etc/profile-m-z/mumble.profile | 1 + etc/profile-m-z/netactview.profile | 1 + etc/profile-m-z/nheko.profile | 1 + etc/profile-m-z/nicotine.profile | 1 + etc/profile-m-z/nyx.profile | 1 + etc/profile-m-z/ocenaudio.profile | 1 + etc/profile-m-z/odt2txt.profile | 1 + etc/profile-m-z/okular.profile | 1 + etc/profile-m-z/open-invaders.profile | 1 + etc/profile-m-z/opencity.profile | 1 + etc/profile-m-z/openclonk.profile | 1 + etc/profile-m-z/openttd.profile | 1 + etc/profile-m-z/ostrichriders.profile | 1 + etc/profile-m-z/pandoc.profile | 1 + etc/profile-m-z/parole.profile | 1 + etc/profile-m-z/patch.profile | 1 + etc/profile-m-z/pdftotext.profile | 1 + etc/profile-m-z/penguin-command.profile | 1 + etc/profile-m-z/pioneer.profile | 1 + etc/profile-m-z/pithos.profile | 1 + etc/profile-m-z/pix.profile | 1 + etc/profile-m-z/pluma.profile | 1 + etc/profile-m-z/pngquant.profile | 1 + etc/profile-m-z/profanity.profile | 1 + etc/profile-m-z/qbittorrent.profile | 1 + etc/profile-m-z/qmmp.profile | 1 + etc/profile-m-z/qpdfview.profile | 1 + etc/profile-m-z/qtox.profile | 1 + etc/profile-m-z/quiterss.profile | 1 + etc/profile-m-z/regextester.profile | 1 + etc/profile-m-z/ricochet.profile | 1 + etc/profile-m-z/rsync-download_only.profile | 1 + etc/profile-m-z/rtorrent.profile | 1 + etc/profile-m-z/sayonara.profile | 1 + etc/profile-m-z/scorchwentbonkers.profile | 1 + etc/profile-m-z/sdat2img.profile | 1 + etc/profile-m-z/seahorse-adventures.profile | 1 + etc/profile-m-z/silentarmy.profile | 1 + etc/profile-m-z/slack.profile | 1 + etc/profile-m-z/smplayer.profile | 1 + etc/profile-m-z/sol.profile | 1 + etc/profile-m-z/sqlitebrowser.profile | 1 + etc/profile-m-z/stellarium.profile | 1 + etc/profile-m-z/supertuxkart.profile | 3 ++- etc/profile-m-z/teeworlds.profile | 1 + etc/profile-m-z/tilp.profile | 1 + etc/profile-m-z/totem.profile | 1 + etc/profile-m-z/transgui.profile | 1 + etc/profile-m-z/tremulous.profile | 1 + etc/profile-m-z/uget-gtk.profile | 1 + etc/profile-m-z/unf.profile | 1 + etc/profile-m-z/unrar.profile | 1 + etc/profile-m-z/unzip.profile | 1 + etc/profile-m-z/utox.profile | 1 + etc/profile-m-z/uudeview.profile | 1 + etc/profile-m-z/viewnior.profile | 1 + etc/profile-m-z/warmux.profile | 1 + etc/profile-m-z/warsow.profile | 1 + etc/profile-m-z/warzone2100.profile | 1 + etc/profile-m-z/wget.profile | 1 + etc/profile-m-z/widelands.profile | 1 + etc/profile-m-z/wordwarvi.profile | 1 + etc/profile-m-z/xbill.profile | 1 + etc/profile-m-z/xcalc.profile | 1 + etc/profile-m-z/xed.profile | 1 + etc/profile-m-z/xfce4-mixer.profile | 1 + etc/profile-m-z/xiphos.profile | 1 + etc/profile-m-z/xmms.profile | 1 + etc/profile-m-z/xmr-stak.profile | 1 + etc/profile-m-z/xournal.profile | 1 + etc/profile-m-z/xviewer.profile | 1 + etc/profile-m-z/yelp.profile | 1 + etc/profile-m-z/zart.profile | 1 + etc/profile-m-z/zathura.profile | 1 + etc/profile-m-z/zeal.profile | 1 + etc/profile-m-z/zulip.profile | 1 + 165 files changed, 167 insertions(+), 2 deletions(-) diff --git a/etc/profile-a-l/abiword.profile b/etc/profile-a-l/abiword.profile index 948d3774a87..1fdc9e9fede 100644 --- a/etc/profile-a-l/abiword.profile +++ b/etc/profile-a-l/abiword.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc whitelist /usr/share/abiword-3.0 include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/akregator.profile b/etc/profile-a-l/akregator.profile index 34933f2836d..377c4380404 100644 --- a/etc/profile-a-l/akregator.profile +++ b/etc/profile-a-l/akregator.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkfile ${HOME}/.config/akregatorrc mkdir ${HOME}/.local/share/akregator diff --git a/etc/profile-a-l/anki.profile b/etc/profile-a-l/anki.profile index fa688f1a548..61e5f2eead3 100644 --- a/etc/profile-a-l/anki.profile +++ b/etc/profile-a-l/anki.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.local/share/Anki2 diff --git a/etc/profile-a-l/anydesk.profile b/etc/profile-a-l/anydesk.profile index 35b18bab401..c847a04dc16 100644 --- a/etc/profile-a-l/anydesk.profile +++ b/etc/profile-a-l/anydesk.profile @@ -9,9 +9,10 @@ noblacklist ${HOME}/.anydesk include disable-common.inc include disable-devel.inc +include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc -include disable-interpreters.inc +include disable-shell.inc mkdir ${HOME}/.anydesk whitelist ${HOME}/.anydesk diff --git a/etc/profile-a-l/ar.profile b/etc/profile-a-l/ar.profile index 6ed60ffe575..183587ff8a7 100644 --- a/etc/profile-a-l/ar.profile +++ b/etc/profile-a-l/ar.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc apparmor caps.drop all diff --git a/etc/profile-a-l/arch-audit.profile b/etc/profile-a-l/arch-audit.profile index 324730bdefd..934b8940488 100644 --- a/etc/profile-a-l/arch-audit.profile +++ b/etc/profile-a-l/arch-audit.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/arch-audit diff --git a/etc/profile-a-l/aria2c.profile b/etc/profile-a-l/aria2c.profile index d2dcaace1e6..7c3ea7d979a 100644 --- a/etc/profile-a-l/aria2c.profile +++ b/etc/profile-a-l/aria2c.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/artha.profile b/etc/profile-a-l/artha.profile index 19a4771aa32..adb33fae147 100644 --- a/etc/profile-a-l/artha.profile +++ b/etc/profile-a-l/artha.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # whitelisting in ${HOME} makes settings immutable, see #3112 diff --git a/etc/profile-a-l/assogiate.profile b/etc/profile-a-l/assogiate.profile index da72a4a739c..2686839efc5 100644 --- a/etc/profile-a-l/assogiate.profile +++ b/etc/profile-a-l/assogiate.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${PICTURES} diff --git a/etc/profile-a-l/audacity.profile b/etc/profile-a-l/audacity.profile index 5a454d31d98..a11e595530e 100644 --- a/etc/profile-a-l/audacity.profile +++ b/etc/profile-a-l/audacity.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/aweather.profile b/etc/profile-a-l/aweather.profile index d7228570f59..44c3110a0df 100644 --- a/etc/profile-a-l/aweather.profile +++ b/etc/profile-a-l/aweather.profile @@ -13,6 +13,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/aweather whitelist ${HOME}/.config/aweather diff --git a/etc/profile-a-l/baobab.profile b/etc/profile-a-l/baobab.profile index 50f7531c01c..3937e196689 100644 --- a/etc/profile-a-l/baobab.profile +++ b/etc/profile-a-l/baobab.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc # include disable-programs.inc +include disable-shell.inc # include disable-xdg.inc include whitelist-runuser-common.inc diff --git a/etc/profile-a-l/bitcoin-qt.profile b/etc/profile-a-l/bitcoin-qt.profile index ac1e21ba7ab..3a3f2b62ccb 100644 --- a/etc/profile-a-l/bitcoin-qt.profile +++ b/etc/profile-a-l/bitcoin-qt.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.bitcoin mkdir ${HOME}/.config/Bitcoin diff --git a/etc/profile-a-l/bitwarden.profile b/etc/profile-a-l/bitwarden.profile index 3095e7505a4..41f8e51fd7e 100644 --- a/etc/profile-a-l/bitwarden.profile +++ b/etc/profile-a-l/bitwarden.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/Bitwarden diff --git a/etc/profile-a-l/blobwars.profile b/etc/profile-a-l/blobwars.profile index 2a56bdf94aa..d43a9d241b2 100644 --- a/etc/profile-a-l/blobwars.profile +++ b/etc/profile-a-l/blobwars.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.parallelrealities/blobwars diff --git a/etc/profile-a-l/bzflag.profile b/etc/profile-a-l/bzflag.profile index 1f56d516981..f06bead1e53 100644 --- a/etc/profile-a-l/bzflag.profile +++ b/etc/profile-a-l/bzflag.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.bzf diff --git a/etc/profile-a-l/cameramonitor.profile b/etc/profile-a-l/cameramonitor.profile index f48cc43a10f..74c7cc34b61 100644 --- a/etc/profile-a-l/cameramonitor.profile +++ b/etc/profile-a-l/cameramonitor.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/cameramonitor diff --git a/etc/profile-a-l/cantata.profile b/etc/profile-a-l/cantata.profile index c44d56b909f..294bb31b390 100644 --- a/etc/profile-a-l/cantata.profile +++ b/etc/profile-a-l/cantata.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # apparmor diff --git a/etc/profile-a-l/cmus.profile b/etc/profile-a-l/cmus.profile index fa1e5d722c7..bcd557787b8 100644 --- a/etc/profile-a-l/cmus.profile +++ b/etc/profile-a-l/cmus.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-a-l/com.github.dahenson.agenda.profile b/etc/profile-a-l/com.github.dahenson.agenda.profile index 6df9627b328..1fd2270abf7 100644 --- a/etc/profile-a-l/com.github.dahenson.agenda.profile +++ b/etc/profile-a-l/com.github.dahenson.agenda.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/agenda diff --git a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile index 39a9a360dee..c1800fe4c7d 100644 --- a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile +++ b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/com.github.johnfactotum.Foliate diff --git a/etc/profile-a-l/corebird.profile b/etc/profile-a-l/corebird.profile index dbb043c17d5..e9a2c944100 100644 --- a/etc/profile-a-l/corebird.profile +++ b/etc/profile-a-l/corebird.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/cower.profile b/etc/profile-a-l/cower.profile index 8efe48240c1..0ab5a7f7840 100644 --- a/etc/profile-a-l/cower.profile +++ b/etc/profile-a-l/cower.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # This profile could be significantly strengthened by adding the following to cower.local diff --git a/etc/profile-a-l/crow.profile b/etc/profile-a-l/crow.profile index 755b6e9f8e5..db4be767954 100644 --- a/etc/profile-a-l/crow.profile +++ b/etc/profile-a-l/crow.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/d-feet.profile b/etc/profile-a-l/d-feet.profile index 51df7b45528..7e622799ade 100644 --- a/etc/profile-a-l/d-feet.profile +++ b/etc/profile-a-l/d-feet.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/d-feet diff --git a/etc/profile-a-l/dconf-editor.profile b/etc/profile-a-l/dconf-editor.profile index 62379d3efce..d6541850dcb 100644 --- a/etc/profile-a-l/dconf-editor.profile +++ b/etc/profile-a-l/dconf-editor.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${HOME}/.local/share/glib-2.0 diff --git a/etc/profile-a-l/devhelp.profile b/etc/profile-a-l/devhelp.profile index f3c012acb16..b8b07469d2a 100644 --- a/etc/profile-a-l/devhelp.profile +++ b/etc/profile-a-l/devhelp.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/devhelp diff --git a/etc/profile-a-l/dino.profile b/etc/profile-a-l/dino.profile index 82ddf2819f8..d06ca042e77 100644 --- a/etc/profile-a-l/dino.profile +++ b/etc/profile-a-l/dino.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.local/share/dino whitelist ${HOME}/.local/share/dino diff --git a/etc/profile-a-l/display.profile b/etc/profile-a-l/display.profile index 2ae4edced39..9de634da95c 100644 --- a/etc/profile-a-l/display.profile +++ b/etc/profile-a-l/display.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/dosbox.profile b/etc/profile-a-l/dosbox.profile index 17ccc9b9a5e..11b9a4f42e1 100644 --- a/etc/profile-a-l/dosbox.profile +++ b/etc/profile-a-l/dosbox.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/dragon.profile b/etc/profile-a-l/dragon.profile index df839cc4733..d355cd121dd 100644 --- a/etc/profile-a-l/dragon.profile +++ b/etc/profile-a-l/dragon.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/dragonplayer diff --git a/etc/profile-a-l/drawio.profile b/etc/profile-a-l/drawio.profile index 4132caa4fc5..4d723c8aa95 100644 --- a/etc/profile-a-l/drawio.profile +++ b/etc/profile-a-l/drawio.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/draw.io diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile index d5def68c241..39366470ff6 100644 --- a/etc/profile-a-l/electron-mail.profile +++ b/etc/profile-a-l/electron-mail.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/electron-mail diff --git a/etc/profile-a-l/electrum.profile b/etc/profile-a-l/electrum.profile index bcc84ddb892..73c19f3805e 100644 --- a/etc/profile-a-l/electrum.profile +++ b/etc/profile-a-l/electrum.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.electrum diff --git a/etc/profile-a-l/etr.profile b/etc/profile-a-l/etr.profile index 72f5883667f..1c34335d2fc 100644 --- a/etc/profile-a-l/etr.profile +++ b/etc/profile-a-l/etr.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.etr diff --git a/etc/profile-a-l/exfalso.profile b/etc/profile-a-l/exfalso.profile index 0b961f5343b..192858304d4 100644 --- a/etc/profile-a-l/exfalso.profile +++ b/etc/profile-a-l/exfalso.profile @@ -22,6 +22,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.quodlibet diff --git a/etc/profile-a-l/fbreader.profile b/etc/profile-a-l/fbreader.profile index af670cee24b..e9fcc223188 100644 --- a/etc/profile-a-l/fbreader.profile +++ b/etc/profile-a-l/fbreader.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/feh.profile b/etc/profile-a-l/feh.profile index 91123fa0e9e..3ee07e55913 100644 --- a/etc/profile-a-l/feh.profile +++ b/etc/profile-a-l/feh.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc # This profile disables network access # In order to enable network access, diff --git a/etc/profile-a-l/font-manager.profile b/etc/profile-a-l/font-manager.profile index ae0e32d1e27..acad6ad133e 100644 --- a/etc/profile-a-l/font-manager.profile +++ b/etc/profile-a-l/font-manager.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/font-manager diff --git a/etc/profile-a-l/galculator.profile b/etc/profile-a-l/galculator.profile index 404d8974253..89f20b923aa 100644 --- a/etc/profile-a-l/galculator.profile +++ b/etc/profile-a-l/galculator.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/galculator diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 1d5398403cb..d7b46263d85 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/ghostwriter diff --git a/etc/profile-a-l/gnome-characters.profile b/etc/profile-a-l/gnome-characters.profile index 3d7a2e4a689..f4f3ae2d720 100644 --- a/etc/profile-a-l/gnome-characters.profile +++ b/etc/profile-a-l/gnome-characters.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/org.gnome.Characters diff --git a/etc/profile-a-l/gnome-chess.profile b/etc/profile-a-l/gnome-chess.profile index c1d2a34c038..84a3cabd6b3 100644 --- a/etc/profile-a-l/gnome-chess.profile +++ b/etc/profile-a-l/gnome-chess.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc #mkdir ${HOME}/.local/share/gnome-chess diff --git a/etc/profile-a-l/gnome-hexgl.profile b/etc/profile-a-l/gnome-hexgl.profile index 59fe330a1af..5ae7bbe01f9 100644 --- a/etc/profile-a-l/gnome-hexgl.profile +++ b/etc/profile-a-l/gnome-hexgl.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/mesa_shader_cache diff --git a/etc/profile-a-l/gnome-passwordsafe.profile b/etc/profile-a-l/gnome-passwordsafe.profile index 555a59d93a2..615be7873cf 100644 --- a/etc/profile-a-l/gnome-passwordsafe.profile +++ b/etc/profile-a-l/gnome-passwordsafe.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/cracklib diff --git a/etc/profile-a-l/gnome-recipes.profile b/etc/profile-a-l/gnome-recipes.profile index 20c35537162..c4969590f3c 100644 --- a/etc/profile-a-l/gnome-recipes.profile +++ b/etc/profile-a-l/gnome-recipes.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.cache/gnome-recipes mkdir ${HOME}/.local/share/gnome-recipes diff --git a/etc/profile-a-l/gnome-system-log.profile b/etc/profile-a-l/gnome-system-log.profile index f597f5cd376..14b0f758eea 100644 --- a/etc/profile-a-l/gnome-system-log.profile +++ b/etc/profile-a-l/gnome-system-log.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /var/log diff --git a/etc/profile-a-l/gnome-todo.profile b/etc/profile-a-l/gnome-todo.profile index 4539250224e..2fab3dcc76b 100644 --- a/etc/profile-a-l/gnome-todo.profile +++ b/etc/profile-a-l/gnome-todo.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/gnome-todo diff --git a/etc/profile-a-l/gpicview.profile b/etc/profile-a-l/gpicview.profile index 578ccaef92b..a536e59859d 100644 --- a/etc/profile-a-l/gpicview.profile +++ b/etc/profile-a-l/gpicview.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc whitelist /usr/share/gpicview include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/gpredict.profile b/etc/profile-a-l/gpredict.profile index c1f1b53a0e6..3152db096cb 100644 --- a/etc/profile-a-l/gpredict.profile +++ b/etc/profile-a-l/gpredict.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/Gpredict whitelist ${HOME}/.config/Gpredict diff --git a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile index 7a1a9440e85..0cb3aa86440 100644 --- a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile +++ b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/gravity-beams-and-evaporating-stars diff --git a/etc/profile-a-l/gthumb.profile b/etc/profile-a-l/gthumb.profile index 77de598024c..de0fc96ae39 100644 --- a/etc/profile-a-l/gthumb.profile +++ b/etc/profile-a-l/gthumb.profile @@ -15,6 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all nodvd diff --git a/etc/profile-a-l/gtk-update-icon-cache.profile b/etc/profile-a-l/gtk-update-icon-cache.profile index ac2e9891b85..2051a8af6be 100644 --- a/etc/profile-a-l/gtk-update-icon-cache.profile +++ b/etc/profile-a-l/gtk-update-icon-cache.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/guayadeque.profile b/etc/profile-a-l/guayadeque.profile index 8ffd7ff58f5..8a7f6591806 100644 --- a/etc/profile-a-l/guayadeque.profile +++ b/etc/profile-a-l/guayadeque.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-a-l/gwenview.profile b/etc/profile-a-l/gwenview.profile index dee0ba9a2ec..ec83a2d9f54 100644 --- a/etc/profile-a-l/gwenview.profile +++ b/etc/profile-a-l/gwenview.profile @@ -23,6 +23,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/hexchat.profile b/etc/profile-a-l/hexchat.profile index 7723cbd6b5c..4c8911a06dc 100644 --- a/etc/profile-a-l/hexchat.profile +++ b/etc/profile-a-l/hexchat.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/hexchat diff --git a/etc/profile-a-l/highlight.profile b/etc/profile-a-l/highlight.profile index 8d2987b6292..0761aa2fc9a 100644 --- a/etc/profile-a-l/highlight.profile +++ b/etc/profile-a-l/highlight.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all net none diff --git a/etc/profile-a-l/hugin.profile b/etc/profile-a-l/hugin.profile index f8d9f999dd1..e03b6812851 100644 --- a/etc/profile-a-l/hugin.profile +++ b/etc/profile-a-l/hugin.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-a-l/hyperrogue.profile b/etc/profile-a-l/hyperrogue.profile index 1e3663b8f28..f2cb25edfb3 100644 --- a/etc/profile-a-l/hyperrogue.profile +++ b/etc/profile-a-l/hyperrogue.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/hyperrogue.ini diff --git a/etc/profile-a-l/iagno.profile b/etc/profile-a-l/iagno.profile index a99c603bda3..42fc7d44973 100644 --- a/etc/profile-a-l/iagno.profile +++ b/etc/profile-a-l/iagno.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/kcalc.profile b/etc/profile-a-l/kcalc.profile index 6f94777aab2..683ee08bd3a 100644 --- a/etc/profile-a-l/kcalc.profile +++ b/etc/profile-a-l/kcalc.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkfile ${HOME}/.config/kcalcrc mkfile ${HOME}/.kde/share/config/kcalcrc diff --git a/etc/profile-a-l/kdeinit4.profile b/etc/profile-a-l/kdeinit4.profile index 082045c62d8..f7235ea84ca 100644 --- a/etc/profile-a-l/kdeinit4.profile +++ b/etc/profile-a-l/kdeinit4.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/konversation.profile b/etc/profile-a-l/konversation.profile index dd3e9617fc5..e73ea0dd5f9 100644 --- a/etc/profile-a-l/konversation.profile +++ b/etc/profile-a-l/konversation.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/ktorrent.profile b/etc/profile-a-l/ktorrent.profile index 2eb46a7e8b4..1919d73bca2 100644 --- a/etc/profile-a-l/ktorrent.profile +++ b/etc/profile-a-l/ktorrent.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.kde/share/apps/ktorrent mkdir ${HOME}/.kde4/share/apps/ktorrent diff --git a/etc/profile-a-l/ktouch.profile b/etc/profile-a-l/ktouch.profile index b23b237303e..8d8bcdd7d46 100644 --- a/etc/profile-a-l/ktouch.profile +++ b/etc/profile-a-l/ktouch.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/.config/ktouch2rc diff --git a/etc/profile-a-l/kwin_x11.profile b/etc/profile-a-l/kwin_x11.profile index d512dd100bb..316a93d3040 100644 --- a/etc/profile-a-l/kwin_x11.profile +++ b/etc/profile-a-l/kwin_x11.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/kwrite.profile b/etc/profile-a-l/kwrite.profile index a71e3bfb986..7d39e89addd 100644 --- a/etc/profile-a-l/kwrite.profile +++ b/etc/profile-a-l/kwrite.profile @@ -21,6 +21,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/leafpad.profile b/etc/profile-a-l/leafpad.profile index c456541aaaa..eb23b200baf 100644 --- a/etc/profile-a-l/leafpad.profile +++ b/etc/profile-a-l/leafpad.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/lincity-ng.profile b/etc/profile-a-l/lincity-ng.profile index 624d4a8bde9..91bd12d0d1d 100644 --- a/etc/profile-a-l/lincity-ng.profile +++ b/etc/profile-a-l/lincity-ng.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.lincity-ng diff --git a/etc/profile-a-l/lugaru.profile b/etc/profile-a-l/lugaru.profile index 26157b94239..cd8f0e52966 100644 --- a/etc/profile-a-l/lugaru.profile +++ b/etc/profile-a-l/lugaru.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/lugaru diff --git a/etc/profile-m-z/Maelstrom.profile b/etc/profile-m-z/Maelstrom.profile index 5cf570f8029..77bce417963 100644 --- a/etc/profile-m-z/Maelstrom.profile +++ b/etc/profile-m-z/Maelstrom.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /var/lib/games diff --git a/etc/profile-m-z/QMediathekView.profile b/etc/profile-m-z/QMediathekView.profile index d1548a8642e..589dcfeb6d9 100644 --- a/etc/profile-m-z/QMediathekView.profile +++ b/etc/profile-m-z/QMediathekView.profile @@ -25,6 +25,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/qtchooser diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile index 8157cdff405..e2dcf17e092 100644 --- a/etc/profile-m-z/QOwnNotes.profile +++ b/etc/profile-m-z/QOwnNotes.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/Nextcloud/Notes diff --git a/etc/profile-m-z/macrofusion.profile b/etc/profile-m-z/macrofusion.profile index 3eef22f980e..2e0071b47c8 100644 --- a/etc/profile-m-z/macrofusion.profile +++ b/etc/profile-m-z/macrofusion.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/magicor.profile b/etc/profile-m-z/magicor.profile index 380a5995740..d26aed0bbe2 100644 --- a/etc/profile-m-z/magicor.profile +++ b/etc/profile-m-z/magicor.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.magicor diff --git a/etc/profile-m-z/manaplus.profile b/etc/profile-m-z/manaplus.profile index b29a489a6ff..eba77c8f2de 100644 --- a/etc/profile-m-z/manaplus.profile +++ b/etc/profile-m-z/manaplus.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/mana diff --git a/etc/profile-m-z/mate-color-select.profile b/etc/profile-m-z/mate-color-select.profile index f1a7ca18f6a..b6dc643d41f 100644 --- a/etc/profile-m-z/mate-color-select.profile +++ b/etc/profile-m-z/mate-color-select.profile @@ -11,6 +11,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-common.inc diff --git a/etc/profile-m-z/mate-dictionary.profile b/etc/profile-m-z/mate-dictionary.profile index 59f439c9146..2267bbb5099 100644 --- a/etc/profile-m-z/mate-dictionary.profile +++ b/etc/profile-m-z/mate-dictionary.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/mate/mate-dictionary whitelist ${HOME}/.config/mate/mate-dictionary diff --git a/etc/profile-m-z/mcabber.profile b/etc/profile-m-z/mcabber.profile index 134a6ae6378..b63de6c3e26 100644 --- a/etc/profile-m-z/mcabber.profile +++ b/etc/profile-m-z/mcabber.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all netfilter diff --git a/etc/profile-m-z/mediainfo.profile b/etc/profile-m-z/mediainfo.profile index c62d3f6d54e..be7c8cbca95 100644 --- a/etc/profile-m-z/mediainfo.profile +++ b/etc/profile-m-z/mediainfo.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile index be13e964368..84db8b785ee 100644 --- a/etc/profile-m-z/meld.profile +++ b/etc/profile-m-z/meld.profile @@ -35,6 +35,7 @@ include disable-interpreters.inc include disable-passwdmgr.inc # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-programs.inc. #include disable-programs.inc +include disable-shell.inc include whitelist-runuser-common.inc diff --git a/etc/profile-m-z/meteo-qt.profile b/etc/profile-m-z/meteo-qt.profile index f9466eb6189..c8b0a0ff1fb 100644 --- a/etc/profile-m-z/meteo-qt.profile +++ b/etc/profile-m-z/meteo-qt.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/meteo-qt diff --git a/etc/profile-m-z/mindless.profile b/etc/profile-m-z/mindless.profile index e6ea54522d5..6108c0b695e 100644 --- a/etc/profile-m-z/mindless.profile +++ b/etc/profile-m-z/mindless.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/mindless diff --git a/etc/profile-m-z/mirrormagic.profile b/etc/profile-m-z/mirrormagic.profile index ef074843652..ded84bf7e97 100644 --- a/etc/profile-m-z/mirrormagic.profile +++ b/etc/profile-m-z/mirrormagic.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.mirrormagic diff --git a/etc/profile-m-z/mousepad.profile b/etc/profile-m-z/mousepad.profile index 868313c40fa..5f15b71e293 100644 --- a/etc/profile-m-z/mousepad.profile +++ b/etc/profile-m-z/mousepad.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/mp3splt-gtk.profile b/etc/profile-m-z/mp3splt-gtk.profile index bf60773953b..3481a4a823f 100644 --- a/etc/profile-m-z/mp3splt-gtk.profile +++ b/etc/profile-m-z/mp3splt-gtk.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile index fd0351db0e6..4ba1dfbd643 100644 --- a/etc/profile-m-z/mpDris2.profile +++ b/etc/profile-m-z/mpDris2.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${MUSIC} diff --git a/etc/profile-m-z/mpsyt.profile b/etc/profile-m-z/mpsyt.profile index f30fd48ebb8..e0c6ff1c8b2 100644 --- a/etc/profile-m-z/mpsyt.profile +++ b/etc/profile-m-z/mpsyt.profile @@ -26,6 +26,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/mps-youtube diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index 8c463e7db6c..b0e493c5f78 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile @@ -27,6 +27,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/vulkan diff --git a/etc/profile-m-z/mumble.profile b/etc/profile-m-z/mumble.profile index a16934806e5..0c4efc3d3ee 100644 --- a/etc/profile-m-z/mumble.profile +++ b/etc/profile-m-z/mumble.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/Mumble mkdir ${HOME}/.local/share/data/Mumble diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile index cbf0d235d57..fd73cea89bd 100644 --- a/etc/profile-m-z/netactview.profile +++ b/etc/profile-m-z/netactview.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/.netactview diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile index 119b3023980..701098f4bc1 100644 --- a/etc/profile-m-z/nheko.profile +++ b/etc/profile-m-z/nheko.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/nheko mkdir ${HOME}/.cache/nheko/nheko diff --git a/etc/profile-m-z/nicotine.profile b/etc/profile-m-z/nicotine.profile index 7764edffbcf..6c363345e58 100644 --- a/etc/profile-m-z/nicotine.profile +++ b/etc/profile-m-z/nicotine.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.nicotine diff --git a/etc/profile-m-z/nyx.profile b/etc/profile-m-z/nyx.profile index df214ff2063..9e27dafab4c 100644 --- a/etc/profile-m-z/nyx.profile +++ b/etc/profile-m-z/nyx.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.nyx diff --git a/etc/profile-m-z/ocenaudio.profile b/etc/profile-m-z/ocenaudio.profile index 61fe14c085f..ae18cfff96a 100644 --- a/etc/profile-m-z/ocenaudio.profile +++ b/etc/profile-m-z/ocenaudio.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/odt2txt.profile b/etc/profile-m-z/odt2txt.profile index 3e4bd94b6c6..6201b6fbaed 100644 --- a/etc/profile-m-z/odt2txt.profile +++ b/etc/profile-m-z/odt2txt.profile @@ -15,6 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile index de82f82666a..d5eba909eef 100644 --- a/etc/profile-m-z/okular.profile +++ b/etc/profile-m-z/okular.profile @@ -24,6 +24,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/config.kcfg diff --git a/etc/profile-m-z/open-invaders.profile b/etc/profile-m-z/open-invaders.profile index de1ef780032..e18599d1d04 100644 --- a/etc/profile-m-z/open-invaders.profile +++ b/etc/profile-m-z/open-invaders.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.openinvaders whitelist ${HOME}/.openinvaders diff --git a/etc/profile-m-z/opencity.profile b/etc/profile-m-z/opencity.profile index 59a2d105519..cb8a511ad4d 100644 --- a/etc/profile-m-z/opencity.profile +++ b/etc/profile-m-z/opencity.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.opencity diff --git a/etc/profile-m-z/openclonk.profile b/etc/profile-m-z/openclonk.profile index 37f046df240..a6760617c9a 100644 --- a/etc/profile-m-z/openclonk.profile +++ b/etc/profile-m-z/openclonk.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.clonk diff --git a/etc/profile-m-z/openttd.profile b/etc/profile-m-z/openttd.profile index 57e3787aa5c..b71883d684c 100644 --- a/etc/profile-m-z/openttd.profile +++ b/etc/profile-m-z/openttd.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.openttd diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index 4cd4dae17d9..cc44d5a4837 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.ostrichriders diff --git a/etc/profile-m-z/pandoc.profile b/etc/profile-m-z/pandoc.profile index 354f6eab8d0..82f03d8f04e 100644 --- a/etc/profile-m-z/pandoc.profile +++ b/etc/profile-m-z/pandoc.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # breaks pdf output diff --git a/etc/profile-m-z/parole.profile b/etc/profile-m-z/parole.profile index e7a0694edbd..0a4422a7376 100644 --- a/etc/profile-m-z/parole.profile +++ b/etc/profile-m-z/parole.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile index 2bb85e3c66e..8663fb453ea 100644 --- a/etc/profile-m-z/patch.profile +++ b/etc/profile-m-z/patch.profile @@ -17,6 +17,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile index d9e4aedfb5d..eee42424fd2 100644 --- a/etc/profile-m-z/pdftotext.profile +++ b/etc/profile-m-z/pdftotext.profile @@ -16,6 +16,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${DOCUMENTS} diff --git a/etc/profile-m-z/penguin-command.profile b/etc/profile-m-z/penguin-command.profile index d4d3e914d7e..db0d84496bc 100644 --- a/etc/profile-m-z/penguin-command.profile +++ b/etc/profile-m-z/penguin-command.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc whitelist ${HOME}/.penguin-command include whitelist-common.inc diff --git a/etc/profile-m-z/pioneer.profile b/etc/profile-m-z/pioneer.profile index 8b1c5afb886..5f329195b2a 100644 --- a/etc/profile-m-z/pioneer.profile +++ b/etc/profile-m-z/pioneer.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.pioneer diff --git a/etc/profile-m-z/pithos.profile b/etc/profile-m-z/pithos.profile index ad56ce52584..0864dd0bc37 100644 --- a/etc/profile-m-z/pithos.profile +++ b/etc/profile-m-z/pithos.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-m-z/pix.profile b/etc/profile-m-z/pix.profile index 9864ed71891..a2c35beb501 100644 --- a/etc/profile-m-z/pix.profile +++ b/etc/profile-m-z/pix.profile @@ -15,6 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all nodvd diff --git a/etc/profile-m-z/pluma.profile b/etc/profile-m-z/pluma.profile index ea8550bdaea..5303eae8aab 100644 --- a/etc/profile-m-z/pluma.profile +++ b/etc/profile-m-z/pluma.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile index e9338d4b99c..83905b108ea 100644 --- a/etc/profile-m-z/pngquant.profile +++ b/etc/profile-m-z/pngquant.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-runuser-common.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/profanity.profile b/etc/profile-m-z/profanity.profile index b7aa2bf5263..a02bcd826a8 100644 --- a/etc/profile-m-z/profanity.profile +++ b/etc/profile-m-z/profanity.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/qbittorrent.profile b/etc/profile-m-z/qbittorrent.profile index 820dc72144b..81ec1bc6b7f 100644 --- a/etc/profile-m-z/qbittorrent.profile +++ b/etc/profile-m-z/qbittorrent.profile @@ -21,6 +21,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.cache/qBittorrent mkdir ${HOME}/.config/qBittorrent diff --git a/etc/profile-m-z/qmmp.profile b/etc/profile-m-z/qmmp.profile index 4dc6b6784a9..e1f67941731 100644 --- a/etc/profile-m-z/qmmp.profile +++ b/etc/profile-m-z/qmmp.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/qpdfview.profile b/etc/profile-m-z/qpdfview.profile index c082762ad12..80e34334a0a 100644 --- a/etc/profile-m-z/qpdfview.profile +++ b/etc/profile-m-z/qpdfview.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/qtox.profile b/etc/profile-m-z/qtox.profile index c8b77123d15..eb8e3e314ac 100644 --- a/etc/profile-m-z/qtox.profile +++ b/etc/profile-m-z/qtox.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/tox diff --git a/etc/profile-m-z/quiterss.profile b/etc/profile-m-z/quiterss.profile index 8dbdffdc8ca..366cff4ed08 100644 --- a/etc/profile-m-z/quiterss.profile +++ b/etc/profile-m-z/quiterss.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.cache/QuiteRss mkdir ${HOME}/.config/QuiteRss diff --git a/etc/profile-m-z/regextester.profile b/etc/profile-m-z/regextester.profile index 207156ba54b..6fb0d4b5f7f 100644 --- a/etc/profile-m-z/regextester.profile +++ b/etc/profile-m-z/regextester.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-passwdmgr.inc include disable-interpreters.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/com.github.artemanufrij.regextester diff --git a/etc/profile-m-z/ricochet.profile b/etc/profile-m-z/ricochet.profile index 1b8fbbc97d4..86e3fbfb5b3 100644 --- a/etc/profile-m-z/ricochet.profile +++ b/etc/profile-m-z/ricochet.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.local/share/Ricochet whitelist ${DOWNLOADS} diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index a39ff759a2b..95deed1191b 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile @@ -22,6 +22,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # Uncomment or add to rsync.local to enable extra hardening diff --git a/etc/profile-m-z/rtorrent.profile b/etc/profile-m-z/rtorrent.profile index 0b4d6e1b1d3..308c1c80222 100644 --- a/etc/profile-m-z/rtorrent.profile +++ b/etc/profile-m-z/rtorrent.profile @@ -12,6 +12,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all machine-id diff --git a/etc/profile-m-z/sayonara.profile b/etc/profile-m-z/sayonara.profile index 8f0544f3386..6557c0c4280 100644 --- a/etc/profile-m-z/sayonara.profile +++ b/etc/profile-m-z/sayonara.profile @@ -13,6 +13,7 @@ include disable-devel.inc include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/scorchwentbonkers.profile b/etc/profile-m-z/scorchwentbonkers.profile index 7cb57edce87..484ebc38e21 100644 --- a/etc/profile-m-z/scorchwentbonkers.profile +++ b/etc/profile-m-z/scorchwentbonkers.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.swb.ini diff --git a/etc/profile-m-z/sdat2img.profile b/etc/profile-m-z/sdat2img.profile index b45eff4cd7f..8d16cd07f8d 100644 --- a/etc/profile-m-z/sdat2img.profile +++ b/etc/profile-m-z/sdat2img.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/seahorse-adventures.profile b/etc/profile-m-z/seahorse-adventures.profile index 89572484475..cb2e5ef91fa 100644 --- a/etc/profile-m-z/seahorse-adventures.profile +++ b/etc/profile-m-z/seahorse-adventures.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/seahorse-adventures diff --git a/etc/profile-m-z/silentarmy.profile b/etc/profile-m-z/silentarmy.profile index cfc33d07482..220035ee7a6 100644 --- a/etc/profile-m-z/silentarmy.profile +++ b/etc/profile-m-z/silentarmy.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/slack.profile b/etc/profile-m-z/slack.profile index b2828fcb158..8ab3edd63fb 100644 --- a/etc/profile-m-z/slack.profile +++ b/etc/profile-m-z/slack.profile @@ -12,6 +12,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/Slack whitelist ${HOME}/.config/Slack diff --git a/etc/profile-m-z/smplayer.profile b/etc/profile-m-z/smplayer.profile index ac01c675b41..3fb6fc3499b 100644 --- a/etc/profile-m-z/smplayer.profile +++ b/etc/profile-m-z/smplayer.profile @@ -23,6 +23,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/smplayer diff --git a/etc/profile-m-z/sol.profile b/etc/profile-m-z/sol.profile index 8519de6df48..44fb8cfe2b7 100644 --- a/etc/profile-m-z/sol.profile +++ b/etc/profile-m-z/sol.profile @@ -11,6 +11,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # all necessary files in $HOME are in whitelist-common.inc diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index 01712081148..cdb20b4e007 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/stellarium.profile b/etc/profile-m-z/stellarium.profile index d6df2e0ad7f..3f93fe591f4 100644 --- a/etc/profile-m-z/stellarium.profile +++ b/etc/profile-m-z/stellarium.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/stellarium mkdir ${HOME}/.stellarium diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index 73877b1b531..ce69c8b4b2e 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile @@ -13,10 +13,11 @@ noblacklist ${HOME}/.local/share/supertuxkart include disable-common.inc include disable-devel.inc include disable-exec.inc +include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc -include disable-interpreters.inc mkdir ${HOME}/.config/supertuxkart mkdir ${HOME}/.cache/supertuxkart diff --git a/etc/profile-m-z/teeworlds.profile b/etc/profile-m-z/teeworlds.profile index 7765703de26..c0d62bec252 100644 --- a/etc/profile-m-z/teeworlds.profile +++ b/etc/profile-m-z/teeworlds.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.teeworlds diff --git a/etc/profile-m-z/tilp.profile b/etc/profile-m-z/tilp.profile index 4d38d5184cf..dd4a372c459 100644 --- a/etc/profile-m-z/tilp.profile +++ b/etc/profile-m-z/tilp.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all net none diff --git a/etc/profile-m-z/totem.profile b/etc/profile-m-z/totem.profile index d49ef0cb80c..2e758879e95 100644 --- a/etc/profile-m-z/totem.profile +++ b/etc/profile-m-z/totem.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile index cafc6e6d150..c31055cdcaf 100644 --- a/etc/profile-m-z/transgui.profile +++ b/etc/profile-m-z/transgui.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/transgui diff --git a/etc/profile-m-z/tremulous.profile b/etc/profile-m-z/tremulous.profile index 64bb8cba825..66a536008a8 100644 --- a/etc/profile-m-z/tremulous.profile +++ b/etc/profile-m-z/tremulous.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.tremulous diff --git a/etc/profile-m-z/uget-gtk.profile b/etc/profile-m-z/uget-gtk.profile index 8a2e83a1ae0..c8f28444f24 100644 --- a/etc/profile-m-z/uget-gtk.profile +++ b/etc/profile-m-z/uget-gtk.profile @@ -11,6 +11,7 @@ include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/uGet whitelist ${DOWNLOADS} diff --git a/etc/profile-m-z/unf.profile b/etc/profile-m-z/unf.profile index fbbe949e97d..bcd256ba3b2 100644 --- a/etc/profile-m-z/unf.profile +++ b/etc/profile-m-z/unf.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${DOWNLOADS} diff --git a/etc/profile-m-z/unrar.profile b/etc/profile-m-z/unrar.profile index 88a753d596e..e07a6fc937a 100644 --- a/etc/profile-m-z/unrar.profile +++ b/etc/profile-m-z/unrar.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all hostname unrar diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index b4b63882b7f..e08511c127d 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all hostname unzip diff --git a/etc/profile-m-z/utox.profile b/etc/profile-m-z/utox.profile index 9877ea889d0..cd43740046e 100644 --- a/etc/profile-m-z/utox.profile +++ b/etc/profile-m-z/utox.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/tox diff --git a/etc/profile-m-z/uudeview.profile b/etc/profile-m-z/uudeview.profile index 6b5f14cabb3..f60c134e0c2 100644 --- a/etc/profile-m-z/uudeview.profile +++ b/etc/profile-m-z/uudeview.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/viewnior.profile b/etc/profile-m-z/viewnior.profile index f009f634059..83727d42be8 100644 --- a/etc/profile-m-z/viewnior.profile +++ b/etc/profile-m-z/viewnior.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/warmux.profile b/etc/profile-m-z/warmux.profile index a3de3d444a6..aaef652fd90 100644 --- a/etc/profile-m-z/warmux.profile +++ b/etc/profile-m-z/warmux.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/wormux diff --git a/etc/profile-m-z/warsow.profile b/etc/profile-m-z/warsow.profile index 32d27e1b93a..d8cd5557ebb 100644 --- a/etc/profile-m-z/warsow.profile +++ b/etc/profile-m-z/warsow.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/warsow-2.1 diff --git a/etc/profile-m-z/warzone2100.profile b/etc/profile-m-z/warzone2100.profile index 25f401d8575..369c9cc1d5d 100644 --- a/etc/profile-m-z/warzone2100.profile +++ b/etc/profile-m-z/warzone2100.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc # mkdir ${HOME}/.warzone2100-3.1 # mkdir ${HOME}/.warzone2100-3.2 diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index 65723e68c2a..cdb8f0b934d 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile @@ -21,6 +21,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc # depending on workflow you can uncomment the below or put 'include disable-xdg.inc' in your wget.local #include disable-xdg.inc diff --git a/etc/profile-m-z/widelands.profile b/etc/profile-m-z/widelands.profile index 079e4eb966e..f1887855421 100644 --- a/etc/profile-m-z/widelands.profile +++ b/etc/profile-m-z/widelands.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.widelands diff --git a/etc/profile-m-z/wordwarvi.profile b/etc/profile-m-z/wordwarvi.profile index 6372654bd07..da1210bb84c 100644 --- a/etc/profile-m-z/wordwarvi.profile +++ b/etc/profile-m-z/wordwarvi.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.wordwarvi diff --git a/etc/profile-m-z/xbill.profile b/etc/profile-m-z/xbill.profile index 56d3cf40d22..cdfebfb2978 100644 --- a/etc/profile-m-z/xbill.profile +++ b/etc/profile-m-z/xbill.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/xbill diff --git a/etc/profile-m-z/xcalc.profile b/etc/profile-m-z/xcalc.profile index 294ad7c8057..56ce0149838 100644 --- a/etc/profile-m-z/xcalc.profile +++ b/etc/profile-m-z/xcalc.profile @@ -11,6 +11,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/xed.profile b/etc/profile-m-z/xed.profile index 64a50083fe8..b114f9ab5ea 100644 --- a/etc/profile-m-z/xed.profile +++ b/etc/profile-m-z/xed.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile index 5707dc4435b..6ff4a11031d 100644 --- a/etc/profile-m-z/xfce4-mixer.profile +++ b/etc/profile-m-z/xfce4-mixer.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml diff --git a/etc/profile-m-z/xiphos.profile b/etc/profile-m-z/xiphos.profile index 7114f046976..188589df3ac 100644 --- a/etc/profile-m-z/xiphos.profile +++ b/etc/profile-m-z/xiphos.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.sword mkdir ${HOME}/.xiphos diff --git a/etc/profile-m-z/xmms.profile b/etc/profile-m-z/xmms.profile index 7a11e12440a..9391f68de1c 100644 --- a/etc/profile-m-z/xmms.profile +++ b/etc/profile-m-z/xmms.profile @@ -13,6 +13,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/xmr-stak.profile b/etc/profile-m-z/xmr-stak.profile index c6ba9bd9de3..3278e295dc9 100644 --- a/etc/profile-m-z/xmr-stak.profile +++ b/etc/profile-m-z/xmr-stak.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.xmr-stak diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile index ba41d5bb34a..b842b530724 100644 --- a/etc/profile-m-z/xournal.profile +++ b/etc/profile-m-z/xournal.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/xournal diff --git a/etc/profile-m-z/xviewer.profile b/etc/profile-m-z/xviewer.profile index 59c8a44f29e..0ac0f665e2d 100644 --- a/etc/profile-m-z/xviewer.profile +++ b/etc/profile-m-z/xviewer.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index 7053f98e81e..c228a447ec6 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/yelp diff --git a/etc/profile-m-z/zart.profile b/etc/profile-m-z/zart.profile index 3fe3c8ce8a9..ca35e3b51d0 100644 --- a/etc/profile-m-z/zart.profile +++ b/etc/profile-m-z/zart.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile index ba0ea1032f6..5274e5b42b6 100644 --- a/etc/profile-m-z/zathura.profile +++ b/etc/profile-m-z/zathura.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/zathura diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile index fe5f077be57..2d0d944fdde 100644 --- a/etc/profile-m-z/zeal.profile +++ b/etc/profile-m-z/zeal.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/Zeal diff --git a/etc/profile-m-z/zulip.profile b/etc/profile-m-z/zulip.profile index 999c2f77ac7..993f2a64b96 100644 --- a/etc/profile-m-z/zulip.profile +++ b/etc/profile-m-z/zulip.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/Zulip From 96b64735307f567283503d3b126720bca0cc883a Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Fri, 15 May 2020 19:08:16 +0200 Subject: [PATCH 3/4] add it to some more profiles --- etc/profile-a-l/evince.profile | 1 + etc/profile-a-l/ffmpeg.profile | 1 + etc/profile-a-l/flameshot.profile | 1 + etc/profile-a-l/gnome-calculator.profile | 1 + etc/profile-a-l/gnome-clocks.profile | 1 + etc/profile-a-l/gnome-logs.profile | 1 + etc/profile-a-l/gnome-maps.profile | 1 + etc/profile-a-l/gnome-screenshot.profile | 1 + etc/profile-a-l/gnome_games-common.profile | 1 + etc/profile-a-l/gucharmap.profile | 1 + etc/profile-a-l/keepassxc.profile | 1 + etc/profile-m-z/rhythmbox.profile | 1 + etc/profile-m-z/tracker.profile | 1 + 13 files changed, 13 insertions(+) diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index 04964ce3383..77a48f0bae2 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/doc diff --git a/etc/profile-a-l/ffmpeg.profile b/etc/profile-a-l/ffmpeg.profile index 37c46e7d642..fb5c9ee570d 100644 --- a/etc/profile-a-l/ffmpeg.profile +++ b/etc/profile-a-l/ffmpeg.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/devedeng diff --git a/etc/profile-a-l/flameshot.profile b/etc/profile-a-l/flameshot.profile index 5a69684b58e..207f8707486 100644 --- a/etc/profile-a-l/flameshot.profile +++ b/etc/profile-a-l/flameshot.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-runuser-common.inc diff --git a/etc/profile-a-l/gnome-calculator.profile b/etc/profile-a-l/gnome-calculator.profile index a18a123d328..bc6626598ae 100644 --- a/etc/profile-a-l/gnome-calculator.profile +++ b/etc/profile-a-l/gnome-calculator.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-passwdmgr.inc include disable-interpreters.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/gnome-clocks.profile b/etc/profile-a-l/gnome-clocks.profile index b865423c502..fc899178f9d 100644 --- a/etc/profile-a-l/gnome-clocks.profile +++ b/etc/profile-a-l/gnome-clocks.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/gnome-clocks diff --git a/etc/profile-a-l/gnome-logs.profile b/etc/profile-a-l/gnome-logs.profile index 4b6453015a4..41218d3f7c3 100644 --- a/etc/profile-a-l/gnome-logs.profile +++ b/etc/profile-a-l/gnome-logs.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /var/log/journal diff --git a/etc/profile-a-l/gnome-maps.profile b/etc/profile-a-l/gnome-maps.profile index 1366d1e1e10..eb0030ddae4 100644 --- a/etc/profile-a-l/gnome-maps.profile +++ b/etc/profile-a-l/gnome-maps.profile @@ -24,6 +24,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/champlain diff --git a/etc/profile-a-l/gnome-screenshot.profile b/etc/profile-a-l/gnome-screenshot.profile index fe6bc025d12..82fb1b6589d 100644 --- a/etc/profile-a-l/gnome-screenshot.profile +++ b/etc/profile-a-l/gnome-screenshot.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/gnome_games-common.profile b/etc/profile-a-l/gnome_games-common.profile index 5a17d0ff836..c46fbc1d937 100644 --- a/etc/profile-a-l/gnome_games-common.profile +++ b/etc/profile-a-l/gnome_games-common.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/gucharmap.profile b/etc/profile-a-l/gucharmap.profile index 624914759f1..c0254b5ec10 100644 --- a/etc/profile-a-l/gucharmap.profile +++ b/etc/profile-a-l/gucharmap.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/keepassxc.profile b/etc/profile-a-l/keepassxc.profile index 9458edf33c2..d1893e41284 100644 --- a/etc/profile-a-l/keepassxc.profile +++ b/etc/profile-a-l/keepassxc.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/keepassxc diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile index f3939685a24..b76f2b947d3 100644 --- a/etc/profile-m-z/rhythmbox.profile +++ b/etc/profile-m-z/rhythmbox.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/rhythmbox diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile index 9030b1e01a3..87c5de07646 100644 --- a/etc/profile-m-z/tracker.profile +++ b/etc/profile-m-z/tracker.profile @@ -16,6 +16,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-runuser-common.inc From 163605ad343794779ab0ea9b54f00ddb7a14e7e5 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Mon, 1 Jun 2020 16:04:38 +0200 Subject: [PATCH 4/4] exclude aria2c.profile [skip ci] --- etc/profile-a-l/aria2c.profile | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/profile-a-l/aria2c.profile b/etc/profile-a-l/aria2c.profile index 7c3ea7d979a..d2dcaace1e6 100644 --- a/etc/profile-a-l/aria2c.profile +++ b/etc/profile-a-l/aria2c.profile @@ -19,7 +19,6 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc -include disable-shell.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc