diff options
Diffstat (limited to 'profiles/hg.profile')
| -rw-r--r-- | profiles/hg.profile | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/profiles/hg.profile b/profiles/hg.profile index ac5943d..c72365f 100644 --- a/profiles/hg.profile +++ b/profiles/hg.profile @@ -17,12 +17,17 @@ noblacklist ${HOME}/.oh-my-zsh noblacklist ${HOME}/.vim noblacklist ${HOME}/.viminfo +# Allow ssh (blacklisted by disable-common.inc) +include allow-ssh.inc + +blacklist /tmp/.X11-unix +blacklist ${RUNUSER}/wayland-* + include disable-common.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc -blacklist /tmp/.X11-unix - whitelist ${HOME}/.config/nano whitelist ${HOME}/.emacs whitelist ${HOME}/.emacs.d @@ -40,15 +45,18 @@ whitelist ${HOME}/build whitelist ${HOME}/workspace caps.drop all +ipc-namespace machine-id netfilter no3d nodvd nogroups +noinput nonewprivs noroot nosound notv +nou2f novideo protocol inet,inet6 #protocol unix,inet,inet6 @@ -56,4 +64,8 @@ seccomp shell none private-bin hg,python2 +private-cache private-dev + +memory-deny-write-execute + |