From 7f244b1f0f71418f5f90dd0a974e9037a7a99f45 Mon Sep 17 00:00:00 2001 From: pirate486743186 Date: Sat, 5 Jun 2021 19:27:10 +0200 Subject: [PATCH 1/2] tightening zathura profile --- etc/profile-m-z/zathura.profile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile index a397296850d..dac26964b93 100644 --- a/etc/profile-m-z/zathura.profile +++ b/etc/profile-m-z/zathura.profile @@ -17,6 +17,7 @@ include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc include disable-shell.inc +include disable-write-mnt.inc include disable-xdg.inc mkdir ${HOME}/.config/zathura @@ -25,6 +26,7 @@ whitelist /usr/share/doc whitelist /usr/share/zathura include whitelist-usr-share-common.inc include whitelist-var-common.inc +include whitelist-runuser-common.inc apparmor caps.drop all @@ -41,6 +43,7 @@ nou2f novideo protocol unix seccomp +seccomp.block-secondary shell none tracelog From c9d360163cc194c4fc0dc21c04fea4b71604eaf9 Mon Sep 17 00:00:00 2001 From: pirate486743186 Date: Sat, 5 Jun 2021 19:38:31 +0200 Subject: [PATCH 2/2] sort --- etc/profile-m-z/zathura.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile index dac26964b93..d0e68c980ef 100644 --- a/etc/profile-m-z/zathura.profile +++ b/etc/profile-m-z/zathura.profile @@ -24,9 +24,9 @@ mkdir ${HOME}/.config/zathura mkdir ${HOME}/.local/share/zathura whitelist /usr/share/doc whitelist /usr/share/zathura +include whitelist-runuser-common.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc -include whitelist-runuser-common.inc apparmor caps.drop all