From 2c914c7d25698140feec0fb7920de7fa887390d5 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Thu, 4 Jun 2020 11:55:32 +0000 Subject: [PATCH] disable-shell.inc (#3411) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * disable-shell.inc * add disable-shell.inc to all profiles with a … … private-bin line without bash/sh except profiles with redirect profiles. * add it to some more profiles * exclude aria2c.profile --- etc/inc/disable-shell.inc | 13 +++++++++++++ etc/profile-a-l/abiword.profile | 1 + etc/profile-a-l/akregator.profile | 1 + etc/profile-a-l/anki.profile | 1 + etc/profile-a-l/anydesk.profile | 3 ++- etc/profile-a-l/ar.profile | 1 + etc/profile-a-l/arch-audit.profile | 1 + etc/profile-a-l/artha.profile | 1 + etc/profile-a-l/assogiate.profile | 1 + etc/profile-a-l/audacity.profile | 1 + etc/profile-a-l/aweather.profile | 1 + etc/profile-a-l/baobab.profile | 1 + etc/profile-a-l/bitcoin-qt.profile | 1 + etc/profile-a-l/bitwarden.profile | 1 + etc/profile-a-l/blobwars.profile | 1 + etc/profile-a-l/bzflag.profile | 1 + etc/profile-a-l/cameramonitor.profile | 1 + etc/profile-a-l/cantata.profile | 1 + etc/profile-a-l/cmus.profile | 1 + etc/profile-a-l/com.github.dahenson.agenda.profile | 1 + .../com.github.johnfactotum.Foliate.profile | 1 + etc/profile-a-l/corebird.profile | 1 + etc/profile-a-l/cower.profile | 1 + etc/profile-a-l/crow.profile | 1 + etc/profile-a-l/d-feet.profile | 1 + etc/profile-a-l/dconf-editor.profile | 1 + etc/profile-a-l/devhelp.profile | 1 + etc/profile-a-l/dino.profile | 1 + etc/profile-a-l/display.profile | 1 + etc/profile-a-l/dosbox.profile | 1 + etc/profile-a-l/dragon.profile | 1 + etc/profile-a-l/drawio.profile | 1 + etc/profile-a-l/electron-mail.profile | 1 + etc/profile-a-l/electrum.profile | 1 + etc/profile-a-l/etr.profile | 1 + etc/profile-a-l/evince.profile | 1 + etc/profile-a-l/exfalso.profile | 1 + etc/profile-a-l/fbreader.profile | 1 + etc/profile-a-l/feh.profile | 1 + etc/profile-a-l/ffmpeg.profile | 1 + etc/profile-a-l/flameshot.profile | 1 + etc/profile-a-l/font-manager.profile | 1 + etc/profile-a-l/galculator.profile | 1 + etc/profile-a-l/gfeeds.profile | 1 + etc/profile-a-l/ghostwriter.profile | 1 + etc/profile-a-l/gnome-calculator.profile | 1 + etc/profile-a-l/gnome-characters.profile | 1 + etc/profile-a-l/gnome-chess.profile | 1 + etc/profile-a-l/gnome-clocks.profile | 1 + etc/profile-a-l/gnome-hexgl.profile | 1 + etc/profile-a-l/gnome-logs.profile | 1 + etc/profile-a-l/gnome-maps.profile | 1 + etc/profile-a-l/gnome-passwordsafe.profile | 1 + etc/profile-a-l/gnome-recipes.profile | 1 + etc/profile-a-l/gnome-screenshot.profile | 1 + etc/profile-a-l/gnome-system-log.profile | 1 + etc/profile-a-l/gnome-todo.profile | 1 + etc/profile-a-l/gnome_games-common.profile | 1 + etc/profile-a-l/gpicview.profile | 1 + etc/profile-a-l/gpredict.profile | 1 + .../gravity-beams-and-evaporating-stars.profile | 1 + etc/profile-a-l/gthumb.profile | 1 + etc/profile-a-l/gtk-update-icon-cache.profile | 1 + etc/profile-a-l/guayadeque.profile | 1 + etc/profile-a-l/gucharmap.profile | 1 + etc/profile-a-l/gwenview.profile | 1 + etc/profile-a-l/hexchat.profile | 1 + etc/profile-a-l/highlight.profile | 1 + etc/profile-a-l/hugin.profile | 1 + etc/profile-a-l/hyperrogue.profile | 1 + etc/profile-a-l/iagno.profile | 1 + etc/profile-a-l/kcalc.profile | 1 + etc/profile-a-l/kdeinit4.profile | 1 + etc/profile-a-l/keepassxc.profile | 1 + etc/profile-a-l/konversation.profile | 1 + etc/profile-a-l/ktorrent.profile | 1 + etc/profile-a-l/ktouch.profile | 1 + etc/profile-a-l/kwin_x11.profile | 1 + etc/profile-a-l/kwrite.profile | 1 + etc/profile-a-l/leafpad.profile | 1 + etc/profile-a-l/lincity-ng.profile | 1 + etc/profile-a-l/lugaru.profile | 1 + etc/profile-m-z/Maelstrom.profile | 1 + etc/profile-m-z/QMediathekView.profile | 1 + etc/profile-m-z/QOwnNotes.profile | 1 + etc/profile-m-z/macrofusion.profile | 1 + etc/profile-m-z/magicor.profile | 1 + etc/profile-m-z/manaplus.profile | 1 + etc/profile-m-z/mate-color-select.profile | 1 + etc/profile-m-z/mate-dictionary.profile | 1 + etc/profile-m-z/mcabber.profile | 1 + etc/profile-m-z/mediainfo.profile | 1 + etc/profile-m-z/meld.profile | 1 + etc/profile-m-z/meteo-qt.profile | 1 + etc/profile-m-z/mindless.profile | 1 + etc/profile-m-z/minetest.profile | 1 + etc/profile-m-z/mirrormagic.profile | 1 + etc/profile-m-z/mousepad.profile | 1 + etc/profile-m-z/mp3splt-gtk.profile | 1 + etc/profile-m-z/mpDris2.profile | 1 + etc/profile-m-z/mpsyt.profile | 1 + etc/profile-m-z/mpv.profile | 1 + etc/profile-m-z/mumble.profile | 1 + etc/profile-m-z/netactview.profile | 1 + etc/profile-m-z/nheko.profile | 1 + etc/profile-m-z/nicotine.profile | 1 + etc/profile-m-z/nyx.profile | 1 + etc/profile-m-z/ocenaudio.profile | 1 + etc/profile-m-z/odt2txt.profile | 1 + etc/profile-m-z/okular.profile | 1 + etc/profile-m-z/open-invaders.profile | 1 + etc/profile-m-z/opencity.profile | 1 + etc/profile-m-z/openclonk.profile | 1 + etc/profile-m-z/openttd.profile | 1 + etc/profile-m-z/ostrichriders.profile | 1 + etc/profile-m-z/pandoc.profile | 1 + etc/profile-m-z/parole.profile | 1 + etc/profile-m-z/patch.profile | 1 + etc/profile-m-z/pdftotext.profile | 1 + etc/profile-m-z/penguin-command.profile | 1 + etc/profile-m-z/pioneer.profile | 1 + etc/profile-m-z/pithos.profile | 1 + etc/profile-m-z/pix.profile | 1 + etc/profile-m-z/pluma.profile | 1 + etc/profile-m-z/pngquant.profile | 1 + etc/profile-m-z/profanity.profile | 1 + etc/profile-m-z/qbittorrent.profile | 1 + etc/profile-m-z/qmmp.profile | 1 + etc/profile-m-z/qpdfview.profile | 1 + etc/profile-m-z/qtox.profile | 1 + etc/profile-m-z/quiterss.profile | 1 + etc/profile-m-z/regextester.profile | 1 + etc/profile-m-z/rhythmbox.profile | 1 + etc/profile-m-z/ricochet.profile | 1 + etc/profile-m-z/rsync-download_only.profile | 1 + etc/profile-m-z/rtorrent.profile | 1 + etc/profile-m-z/sayonara.profile | 1 + etc/profile-m-z/scorchwentbonkers.profile | 1 + etc/profile-m-z/sdat2img.profile | 1 + etc/profile-m-z/seahorse-adventures.profile | 1 + etc/profile-m-z/silentarmy.profile | 1 + etc/profile-m-z/slack.profile | 1 + etc/profile-m-z/smplayer.profile | 1 + etc/profile-m-z/sol.profile | 1 + etc/profile-m-z/sqlitebrowser.profile | 1 + etc/profile-m-z/stellarium.profile | 1 + etc/profile-m-z/strings.profile | 1 + etc/profile-m-z/supertuxkart.profile | 3 ++- etc/profile-m-z/teeworlds.profile | 1 + etc/profile-m-z/tilp.profile | 1 + etc/profile-m-z/totem.profile | 1 + etc/profile-m-z/tracker.profile | 1 + etc/profile-m-z/transgui.profile | 1 + etc/profile-m-z/tremulous.profile | 1 + etc/profile-m-z/uget-gtk.profile | 1 + etc/profile-m-z/unf.profile | 1 + etc/profile-m-z/unrar.profile | 1 + etc/profile-m-z/unzip.profile | 1 + etc/profile-m-z/utox.profile | 1 + etc/profile-m-z/uudeview.profile | 1 + etc/profile-m-z/viewnior.profile | 1 + etc/profile-m-z/warmux.profile | 1 + etc/profile-m-z/warsow.profile | 1 + etc/profile-m-z/warzone2100.profile | 1 + etc/profile-m-z/wget.profile | 1 + etc/profile-m-z/widelands.profile | 1 + etc/profile-m-z/wordwarvi.profile | 1 + etc/profile-m-z/xbill.profile | 1 + etc/profile-m-z/xcalc.profile | 1 + etc/profile-m-z/xed.profile | 1 + etc/profile-m-z/xfce4-mixer.profile | 1 + etc/profile-m-z/xiphos.profile | 1 + etc/profile-m-z/xmms.profile | 1 + etc/profile-m-z/xmr-stak.profile | 1 + etc/profile-m-z/xournal.profile | 1 + etc/profile-m-z/xviewer.profile | 1 + etc/profile-m-z/yelp.profile | 1 + etc/profile-m-z/youtube-dl.profile | 1 + etc/profile-m-z/zart.profile | 1 + etc/profile-m-z/zathura.profile | 1 + etc/profile-m-z/zeal.profile | 1 + etc/profile-m-z/zulip.profile | 1 + etc/templates/profile.template | 1 + 183 files changed, 197 insertions(+), 2 deletions(-) create mode 100644 etc/inc/disable-shell.inc diff --git a/etc/inc/disable-shell.inc b/etc/inc/disable-shell.inc new file mode 100644 index 000000000..fda528eb6 --- /dev/null +++ b/etc/inc/disable-shell.inc @@ -0,0 +1,13 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include disable-shell.local + +blacklist ${PATH}/bash +blacklist ${PATH}/csh +blacklist ${PATH}/dash +blacklist ${PATH}/fish +blacklist ${PATH}/ksh +blacklist ${PATH}/sh +blacklist ${PATH}/tclsh +blacklist ${PATH}/tcsh +blacklist ${PATH}/zsh diff --git a/etc/profile-a-l/abiword.profile b/etc/profile-a-l/abiword.profile index 948d3774a..1fdc9e9fe 100644 --- a/etc/profile-a-l/abiword.profile +++ b/etc/profile-a-l/abiword.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc whitelist /usr/share/abiword-3.0 include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/akregator.profile b/etc/profile-a-l/akregator.profile index 34933f283..377c43804 100644 --- a/etc/profile-a-l/akregator.profile +++ b/etc/profile-a-l/akregator.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkfile ${HOME}/.config/akregatorrc mkdir ${HOME}/.local/share/akregator diff --git a/etc/profile-a-l/anki.profile b/etc/profile-a-l/anki.profile index fa688f1a5..61e5f2eea 100644 --- a/etc/profile-a-l/anki.profile +++ b/etc/profile-a-l/anki.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.local/share/Anki2 diff --git a/etc/profile-a-l/anydesk.profile b/etc/profile-a-l/anydesk.profile index 35b18bab4..c847a04dc 100644 --- a/etc/profile-a-l/anydesk.profile +++ b/etc/profile-a-l/anydesk.profile @@ -9,9 +9,10 @@ noblacklist ${HOME}/.anydesk include disable-common.inc include disable-devel.inc +include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc -include disable-interpreters.inc +include disable-shell.inc mkdir ${HOME}/.anydesk whitelist ${HOME}/.anydesk diff --git a/etc/profile-a-l/ar.profile b/etc/profile-a-l/ar.profile index 6ed60ffe5..183587ff8 100644 --- a/etc/profile-a-l/ar.profile +++ b/etc/profile-a-l/ar.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc apparmor caps.drop all diff --git a/etc/profile-a-l/arch-audit.profile b/etc/profile-a-l/arch-audit.profile index 324730bde..934b89404 100644 --- a/etc/profile-a-l/arch-audit.profile +++ b/etc/profile-a-l/arch-audit.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/arch-audit diff --git a/etc/profile-a-l/artha.profile b/etc/profile-a-l/artha.profile index 19a4771aa..adb33fae1 100644 --- a/etc/profile-a-l/artha.profile +++ b/etc/profile-a-l/artha.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # whitelisting in ${HOME} makes settings immutable, see #3112 diff --git a/etc/profile-a-l/assogiate.profile b/etc/profile-a-l/assogiate.profile index da72a4a73..2686839ef 100644 --- a/etc/profile-a-l/assogiate.profile +++ b/etc/profile-a-l/assogiate.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${PICTURES} diff --git a/etc/profile-a-l/audacity.profile b/etc/profile-a-l/audacity.profile index 5a454d31d..a11e59553 100644 --- a/etc/profile-a-l/audacity.profile +++ b/etc/profile-a-l/audacity.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/aweather.profile b/etc/profile-a-l/aweather.profile index d7228570f..44c3110a0 100644 --- a/etc/profile-a-l/aweather.profile +++ b/etc/profile-a-l/aweather.profile @@ -13,6 +13,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/aweather whitelist ${HOME}/.config/aweather diff --git a/etc/profile-a-l/baobab.profile b/etc/profile-a-l/baobab.profile index 50f7531c0..3937e1966 100644 --- a/etc/profile-a-l/baobab.profile +++ b/etc/profile-a-l/baobab.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc # include disable-programs.inc +include disable-shell.inc # include disable-xdg.inc include whitelist-runuser-common.inc diff --git a/etc/profile-a-l/bitcoin-qt.profile b/etc/profile-a-l/bitcoin-qt.profile index ac1e21ba7..3a3f2b62c 100644 --- a/etc/profile-a-l/bitcoin-qt.profile +++ b/etc/profile-a-l/bitcoin-qt.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.bitcoin mkdir ${HOME}/.config/Bitcoin diff --git a/etc/profile-a-l/bitwarden.profile b/etc/profile-a-l/bitwarden.profile index 3095e7505..41f8e51fd 100644 --- a/etc/profile-a-l/bitwarden.profile +++ b/etc/profile-a-l/bitwarden.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/Bitwarden diff --git a/etc/profile-a-l/blobwars.profile b/etc/profile-a-l/blobwars.profile index 2a56bdf94..d43a9d241 100644 --- a/etc/profile-a-l/blobwars.profile +++ b/etc/profile-a-l/blobwars.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.parallelrealities/blobwars diff --git a/etc/profile-a-l/bzflag.profile b/etc/profile-a-l/bzflag.profile index 1f56d5169..f06bead1e 100644 --- a/etc/profile-a-l/bzflag.profile +++ b/etc/profile-a-l/bzflag.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.bzf diff --git a/etc/profile-a-l/cameramonitor.profile b/etc/profile-a-l/cameramonitor.profile index f48cc43a1..74c7cc34b 100644 --- a/etc/profile-a-l/cameramonitor.profile +++ b/etc/profile-a-l/cameramonitor.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/cameramonitor diff --git a/etc/profile-a-l/cantata.profile b/etc/profile-a-l/cantata.profile index c44d56b90..294bb31b3 100644 --- a/etc/profile-a-l/cantata.profile +++ b/etc/profile-a-l/cantata.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # apparmor diff --git a/etc/profile-a-l/cmus.profile b/etc/profile-a-l/cmus.profile index fa1e5d722..bcd557787 100644 --- a/etc/profile-a-l/cmus.profile +++ b/etc/profile-a-l/cmus.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-a-l/com.github.dahenson.agenda.profile b/etc/profile-a-l/com.github.dahenson.agenda.profile index 6df9627b3..1fd2270ab 100644 --- a/etc/profile-a-l/com.github.dahenson.agenda.profile +++ b/etc/profile-a-l/com.github.dahenson.agenda.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/agenda diff --git a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile index 39a9a360d..c1800fe4c 100644 --- a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile +++ b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/com.github.johnfactotum.Foliate diff --git a/etc/profile-a-l/corebird.profile b/etc/profile-a-l/corebird.profile index dbb043c17..e9a2c9441 100644 --- a/etc/profile-a-l/corebird.profile +++ b/etc/profile-a-l/corebird.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/cower.profile b/etc/profile-a-l/cower.profile index 8efe48240..0ab5a7f78 100644 --- a/etc/profile-a-l/cower.profile +++ b/etc/profile-a-l/cower.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # This profile could be significantly strengthened by adding the following to cower.local diff --git a/etc/profile-a-l/crow.profile b/etc/profile-a-l/crow.profile index 755b6e9f8..db4be7679 100644 --- a/etc/profile-a-l/crow.profile +++ b/etc/profile-a-l/crow.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/d-feet.profile b/etc/profile-a-l/d-feet.profile index 51df7b455..7e622799a 100644 --- a/etc/profile-a-l/d-feet.profile +++ b/etc/profile-a-l/d-feet.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/d-feet diff --git a/etc/profile-a-l/dconf-editor.profile b/etc/profile-a-l/dconf-editor.profile index 62379d3ef..d6541850d 100644 --- a/etc/profile-a-l/dconf-editor.profile +++ b/etc/profile-a-l/dconf-editor.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${HOME}/.local/share/glib-2.0 diff --git a/etc/profile-a-l/devhelp.profile b/etc/profile-a-l/devhelp.profile index f3c012acb..b8b07469d 100644 --- a/etc/profile-a-l/devhelp.profile +++ b/etc/profile-a-l/devhelp.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/devhelp diff --git a/etc/profile-a-l/dino.profile b/etc/profile-a-l/dino.profile index 82ddf2819..d06ca042e 100644 --- a/etc/profile-a-l/dino.profile +++ b/etc/profile-a-l/dino.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.local/share/dino whitelist ${HOME}/.local/share/dino diff --git a/etc/profile-a-l/display.profile b/etc/profile-a-l/display.profile index 2ae4edced..9de634da9 100644 --- a/etc/profile-a-l/display.profile +++ b/etc/profile-a-l/display.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/dosbox.profile b/etc/profile-a-l/dosbox.profile index 17ccc9b9a..11b9a4f42 100644 --- a/etc/profile-a-l/dosbox.profile +++ b/etc/profile-a-l/dosbox.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/dragon.profile b/etc/profile-a-l/dragon.profile index df839cc47..d355cd121 100644 --- a/etc/profile-a-l/dragon.profile +++ b/etc/profile-a-l/dragon.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/dragonplayer diff --git a/etc/profile-a-l/drawio.profile b/etc/profile-a-l/drawio.profile index 4132caa4f..4d723c8aa 100644 --- a/etc/profile-a-l/drawio.profile +++ b/etc/profile-a-l/drawio.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/draw.io diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile index d5def68c2..39366470f 100644 --- a/etc/profile-a-l/electron-mail.profile +++ b/etc/profile-a-l/electron-mail.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/electron-mail diff --git a/etc/profile-a-l/electrum.profile b/etc/profile-a-l/electrum.profile index bcc84ddb8..73c19f380 100644 --- a/etc/profile-a-l/electrum.profile +++ b/etc/profile-a-l/electrum.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.electrum diff --git a/etc/profile-a-l/etr.profile b/etc/profile-a-l/etr.profile index 72f588366..1c34335d2 100644 --- a/etc/profile-a-l/etr.profile +++ b/etc/profile-a-l/etr.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.etr diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index 04964ce33..77a48f0ba 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/doc diff --git a/etc/profile-a-l/exfalso.profile b/etc/profile-a-l/exfalso.profile index 0b961f534..192858304 100644 --- a/etc/profile-a-l/exfalso.profile +++ b/etc/profile-a-l/exfalso.profile @@ -22,6 +22,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.quodlibet diff --git a/etc/profile-a-l/fbreader.profile b/etc/profile-a-l/fbreader.profile index af670cee2..e9fcc2231 100644 --- a/etc/profile-a-l/fbreader.profile +++ b/etc/profile-a-l/fbreader.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/feh.profile b/etc/profile-a-l/feh.profile index 91123fa0e..3ee07e559 100644 --- a/etc/profile-a-l/feh.profile +++ b/etc/profile-a-l/feh.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc # This profile disables network access # In order to enable network access, diff --git a/etc/profile-a-l/ffmpeg.profile b/etc/profile-a-l/ffmpeg.profile index 37c46e7d6..fb5c9ee57 100644 --- a/etc/profile-a-l/ffmpeg.profile +++ b/etc/profile-a-l/ffmpeg.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/devedeng diff --git a/etc/profile-a-l/flameshot.profile b/etc/profile-a-l/flameshot.profile index 5a69684b5..207f87074 100644 --- a/etc/profile-a-l/flameshot.profile +++ b/etc/profile-a-l/flameshot.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-runuser-common.inc diff --git a/etc/profile-a-l/font-manager.profile b/etc/profile-a-l/font-manager.profile index ae0e32d1e..acad6ad13 100644 --- a/etc/profile-a-l/font-manager.profile +++ b/etc/profile-a-l/font-manager.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/font-manager diff --git a/etc/profile-a-l/galculator.profile b/etc/profile-a-l/galculator.profile index 404d89742..89f20b923 100644 --- a/etc/profile-a-l/galculator.profile +++ b/etc/profile-a-l/galculator.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/galculator diff --git a/etc/profile-a-l/gfeeds.profile b/etc/profile-a-l/gfeeds.profile index 587a12a93..d97ab530b 100644 --- a/etc/profile-a-l/gfeeds.profile +++ b/etc/profile-a-l/gfeeds.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/gfeeds diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 1d5398403..d7b46263d 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/ghostwriter diff --git a/etc/profile-a-l/gnome-calculator.profile b/etc/profile-a-l/gnome-calculator.profile index a18a123d3..bc6626598 100644 --- a/etc/profile-a-l/gnome-calculator.profile +++ b/etc/profile-a-l/gnome-calculator.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-passwdmgr.inc include disable-interpreters.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/gnome-characters.profile b/etc/profile-a-l/gnome-characters.profile index 3d7a2e4a6..f4f3ae2d7 100644 --- a/etc/profile-a-l/gnome-characters.profile +++ b/etc/profile-a-l/gnome-characters.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/org.gnome.Characters diff --git a/etc/profile-a-l/gnome-chess.profile b/etc/profile-a-l/gnome-chess.profile index c1d2a34c0..84a3cabd6 100644 --- a/etc/profile-a-l/gnome-chess.profile +++ b/etc/profile-a-l/gnome-chess.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc #mkdir ${HOME}/.local/share/gnome-chess diff --git a/etc/profile-a-l/gnome-clocks.profile b/etc/profile-a-l/gnome-clocks.profile index b865423c5..fc899178f 100644 --- a/etc/profile-a-l/gnome-clocks.profile +++ b/etc/profile-a-l/gnome-clocks.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/gnome-clocks diff --git a/etc/profile-a-l/gnome-hexgl.profile b/etc/profile-a-l/gnome-hexgl.profile index 59fe330a1..5ae7bbe01 100644 --- a/etc/profile-a-l/gnome-hexgl.profile +++ b/etc/profile-a-l/gnome-hexgl.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/mesa_shader_cache diff --git a/etc/profile-a-l/gnome-logs.profile b/etc/profile-a-l/gnome-logs.profile index 4b6453015..41218d3f7 100644 --- a/etc/profile-a-l/gnome-logs.profile +++ b/etc/profile-a-l/gnome-logs.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /var/log/journal diff --git a/etc/profile-a-l/gnome-maps.profile b/etc/profile-a-l/gnome-maps.profile index 1366d1e1e..eb0030dda 100644 --- a/etc/profile-a-l/gnome-maps.profile +++ b/etc/profile-a-l/gnome-maps.profile @@ -24,6 +24,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/champlain diff --git a/etc/profile-a-l/gnome-passwordsafe.profile b/etc/profile-a-l/gnome-passwordsafe.profile index 555a59d93..615be7873 100644 --- a/etc/profile-a-l/gnome-passwordsafe.profile +++ b/etc/profile-a-l/gnome-passwordsafe.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/cracklib diff --git a/etc/profile-a-l/gnome-recipes.profile b/etc/profile-a-l/gnome-recipes.profile index 20c355371..c4969590f 100644 --- a/etc/profile-a-l/gnome-recipes.profile +++ b/etc/profile-a-l/gnome-recipes.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.cache/gnome-recipes mkdir ${HOME}/.local/share/gnome-recipes diff --git a/etc/profile-a-l/gnome-screenshot.profile b/etc/profile-a-l/gnome-screenshot.profile index fe6bc025d..82fb1b658 100644 --- a/etc/profile-a-l/gnome-screenshot.profile +++ b/etc/profile-a-l/gnome-screenshot.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/gnome-system-log.profile b/etc/profile-a-l/gnome-system-log.profile index f597f5cd3..14b0f758e 100644 --- a/etc/profile-a-l/gnome-system-log.profile +++ b/etc/profile-a-l/gnome-system-log.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /var/log diff --git a/etc/profile-a-l/gnome-todo.profile b/etc/profile-a-l/gnome-todo.profile index 453925022..2fab3dcc7 100644 --- a/etc/profile-a-l/gnome-todo.profile +++ b/etc/profile-a-l/gnome-todo.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/gnome-todo diff --git a/etc/profile-a-l/gnome_games-common.profile b/etc/profile-a-l/gnome_games-common.profile index 5a17d0ff8..c46fbc1d9 100644 --- a/etc/profile-a-l/gnome_games-common.profile +++ b/etc/profile-a-l/gnome_games-common.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/gpicview.profile b/etc/profile-a-l/gpicview.profile index 578ccaef9..a536e5985 100644 --- a/etc/profile-a-l/gpicview.profile +++ b/etc/profile-a-l/gpicview.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc whitelist /usr/share/gpicview include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/gpredict.profile b/etc/profile-a-l/gpredict.profile index c1f1b53a0..3152db096 100644 --- a/etc/profile-a-l/gpredict.profile +++ b/etc/profile-a-l/gpredict.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/Gpredict whitelist ${HOME}/.config/Gpredict diff --git a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile index 7a1a9440e..0cb3aa864 100644 --- a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile +++ b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/gravity-beams-and-evaporating-stars diff --git a/etc/profile-a-l/gthumb.profile b/etc/profile-a-l/gthumb.profile index 77de59802..de0fc96ae 100644 --- a/etc/profile-a-l/gthumb.profile +++ b/etc/profile-a-l/gthumb.profile @@ -15,6 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all nodvd diff --git a/etc/profile-a-l/gtk-update-icon-cache.profile b/etc/profile-a-l/gtk-update-icon-cache.profile index ac2e9891b..2051a8af6 100644 --- a/etc/profile-a-l/gtk-update-icon-cache.profile +++ b/etc/profile-a-l/gtk-update-icon-cache.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/guayadeque.profile b/etc/profile-a-l/guayadeque.profile index 8ffd7ff58..8a7f65918 100644 --- a/etc/profile-a-l/guayadeque.profile +++ b/etc/profile-a-l/guayadeque.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-a-l/gucharmap.profile b/etc/profile-a-l/gucharmap.profile index 624914759..c0254b5ec 100644 --- a/etc/profile-a-l/gucharmap.profile +++ b/etc/profile-a-l/gucharmap.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/gwenview.profile b/etc/profile-a-l/gwenview.profile index dee0ba9a2..ec83a2d9f 100644 --- a/etc/profile-a-l/gwenview.profile +++ b/etc/profile-a-l/gwenview.profile @@ -23,6 +23,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/hexchat.profile b/etc/profile-a-l/hexchat.profile index 7723cbd6b..4c8911a06 100644 --- a/etc/profile-a-l/hexchat.profile +++ b/etc/profile-a-l/hexchat.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/hexchat diff --git a/etc/profile-a-l/highlight.profile b/etc/profile-a-l/highlight.profile index 8d2987b62..0761aa2fc 100644 --- a/etc/profile-a-l/highlight.profile +++ b/etc/profile-a-l/highlight.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all net none diff --git a/etc/profile-a-l/hugin.profile b/etc/profile-a-l/hugin.profile index f8d9f999d..e03b68128 100644 --- a/etc/profile-a-l/hugin.profile +++ b/etc/profile-a-l/hugin.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-a-l/hyperrogue.profile b/etc/profile-a-l/hyperrogue.profile index 1e3663b8f..f2cb25edf 100644 --- a/etc/profile-a-l/hyperrogue.profile +++ b/etc/profile-a-l/hyperrogue.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/hyperrogue.ini diff --git a/etc/profile-a-l/iagno.profile b/etc/profile-a-l/iagno.profile index a99c603bd..42fc7d449 100644 --- a/etc/profile-a-l/iagno.profile +++ b/etc/profile-a-l/iagno.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/kcalc.profile b/etc/profile-a-l/kcalc.profile index 6f94777aa..683ee08bd 100644 --- a/etc/profile-a-l/kcalc.profile +++ b/etc/profile-a-l/kcalc.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkfile ${HOME}/.config/kcalcrc mkfile ${HOME}/.kde/share/config/kcalcrc diff --git a/etc/profile-a-l/kdeinit4.profile b/etc/profile-a-l/kdeinit4.profile index 082045c62..f7235ea84 100644 --- a/etc/profile-a-l/kdeinit4.profile +++ b/etc/profile-a-l/kdeinit4.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/keepassxc.profile b/etc/profile-a-l/keepassxc.profile index 9458edf33..d1893e412 100644 --- a/etc/profile-a-l/keepassxc.profile +++ b/etc/profile-a-l/keepassxc.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/keepassxc diff --git a/etc/profile-a-l/konversation.profile b/etc/profile-a-l/konversation.profile index dd3e9617f..e73ea0dd5 100644 --- a/etc/profile-a-l/konversation.profile +++ b/etc/profile-a-l/konversation.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/ktorrent.profile b/etc/profile-a-l/ktorrent.profile index 2eb46a7e8..1919d73bc 100644 --- a/etc/profile-a-l/ktorrent.profile +++ b/etc/profile-a-l/ktorrent.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.kde/share/apps/ktorrent mkdir ${HOME}/.kde4/share/apps/ktorrent diff --git a/etc/profile-a-l/ktouch.profile b/etc/profile-a-l/ktouch.profile index b23b23730..8d8bcdd7d 100644 --- a/etc/profile-a-l/ktouch.profile +++ b/etc/profile-a-l/ktouch.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/.config/ktouch2rc diff --git a/etc/profile-a-l/kwin_x11.profile b/etc/profile-a-l/kwin_x11.profile index d512dd100..316a93d30 100644 --- a/etc/profile-a-l/kwin_x11.profile +++ b/etc/profile-a-l/kwin_x11.profile @@ -19,6 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/kwrite.profile b/etc/profile-a-l/kwrite.profile index a71e3bfb9..7d39e89ad 100644 --- a/etc/profile-a-l/kwrite.profile +++ b/etc/profile-a-l/kwrite.profile @@ -21,6 +21,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/leafpad.profile b/etc/profile-a-l/leafpad.profile index c456541aa..eb23b200b 100644 --- a/etc/profile-a-l/leafpad.profile +++ b/etc/profile-a-l/leafpad.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/lincity-ng.profile b/etc/profile-a-l/lincity-ng.profile index 624d4a8bd..91bd12d0d 100644 --- a/etc/profile-a-l/lincity-ng.profile +++ b/etc/profile-a-l/lincity-ng.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.lincity-ng diff --git a/etc/profile-a-l/lugaru.profile b/etc/profile-a-l/lugaru.profile index 26157b942..cd8f0e529 100644 --- a/etc/profile-a-l/lugaru.profile +++ b/etc/profile-a-l/lugaru.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/lugaru diff --git a/etc/profile-m-z/Maelstrom.profile b/etc/profile-m-z/Maelstrom.profile index 5cf570f80..77bce4179 100644 --- a/etc/profile-m-z/Maelstrom.profile +++ b/etc/profile-m-z/Maelstrom.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /var/lib/games diff --git a/etc/profile-m-z/QMediathekView.profile b/etc/profile-m-z/QMediathekView.profile index d1548a864..589dcfeb6 100644 --- a/etc/profile-m-z/QMediathekView.profile +++ b/etc/profile-m-z/QMediathekView.profile @@ -25,6 +25,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/qtchooser diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile index 8157cdff4..e2dcf17e0 100644 --- a/etc/profile-m-z/QOwnNotes.profile +++ b/etc/profile-m-z/QOwnNotes.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/Nextcloud/Notes diff --git a/etc/profile-m-z/macrofusion.profile b/etc/profile-m-z/macrofusion.profile index 3eef22f98..2e0071b47 100644 --- a/etc/profile-m-z/macrofusion.profile +++ b/etc/profile-m-z/macrofusion.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/magicor.profile b/etc/profile-m-z/magicor.profile index 380a59957..d26aed0bb 100644 --- a/etc/profile-m-z/magicor.profile +++ b/etc/profile-m-z/magicor.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.magicor diff --git a/etc/profile-m-z/manaplus.profile b/etc/profile-m-z/manaplus.profile index b29a489a6..eba77c8f2 100644 --- a/etc/profile-m-z/manaplus.profile +++ b/etc/profile-m-z/manaplus.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/mana diff --git a/etc/profile-m-z/mate-color-select.profile b/etc/profile-m-z/mate-color-select.profile index f1a7ca18f..b6dc643d4 100644 --- a/etc/profile-m-z/mate-color-select.profile +++ b/etc/profile-m-z/mate-color-select.profile @@ -11,6 +11,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-common.inc diff --git a/etc/profile-m-z/mate-dictionary.profile b/etc/profile-m-z/mate-dictionary.profile index 59f439c91..2267bbb50 100644 --- a/etc/profile-m-z/mate-dictionary.profile +++ b/etc/profile-m-z/mate-dictionary.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/mate/mate-dictionary whitelist ${HOME}/.config/mate/mate-dictionary diff --git a/etc/profile-m-z/mcabber.profile b/etc/profile-m-z/mcabber.profile index 134a6ae63..b63de6c3e 100644 --- a/etc/profile-m-z/mcabber.profile +++ b/etc/profile-m-z/mcabber.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all netfilter diff --git a/etc/profile-m-z/mediainfo.profile b/etc/profile-m-z/mediainfo.profile index c62d3f6d5..be7c8cbca 100644 --- a/etc/profile-m-z/mediainfo.profile +++ b/etc/profile-m-z/mediainfo.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile index be13e9643..84db8b785 100644 --- a/etc/profile-m-z/meld.profile +++ b/etc/profile-m-z/meld.profile @@ -35,6 +35,7 @@ include disable-interpreters.inc include disable-passwdmgr.inc # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-programs.inc. #include disable-programs.inc +include disable-shell.inc include whitelist-runuser-common.inc diff --git a/etc/profile-m-z/meteo-qt.profile b/etc/profile-m-z/meteo-qt.profile index f9466eb61..c8b0a0ff1 100644 --- a/etc/profile-m-z/meteo-qt.profile +++ b/etc/profile-m-z/meteo-qt.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/meteo-qt diff --git a/etc/profile-m-z/mindless.profile b/etc/profile-m-z/mindless.profile index e6ea54522..6108c0b69 100644 --- a/etc/profile-m-z/mindless.profile +++ b/etc/profile-m-z/mindless.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/mindless diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index f201b13d7..fa7d9edb0 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/minetest diff --git a/etc/profile-m-z/mirrormagic.profile b/etc/profile-m-z/mirrormagic.profile index ef0748436..ded84bf7e 100644 --- a/etc/profile-m-z/mirrormagic.profile +++ b/etc/profile-m-z/mirrormagic.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.mirrormagic diff --git a/etc/profile-m-z/mousepad.profile b/etc/profile-m-z/mousepad.profile index 868313c40..5f15b71e2 100644 --- a/etc/profile-m-z/mousepad.profile +++ b/etc/profile-m-z/mousepad.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/mp3splt-gtk.profile b/etc/profile-m-z/mp3splt-gtk.profile index bf6077395..3481a4a82 100644 --- a/etc/profile-m-z/mp3splt-gtk.profile +++ b/etc/profile-m-z/mp3splt-gtk.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile index fd0351db0..4ba1dfbd6 100644 --- a/etc/profile-m-z/mpDris2.profile +++ b/etc/profile-m-z/mpDris2.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${MUSIC} diff --git a/etc/profile-m-z/mpsyt.profile b/etc/profile-m-z/mpsyt.profile index f30fd48eb..e0c6ff1c8 100644 --- a/etc/profile-m-z/mpsyt.profile +++ b/etc/profile-m-z/mpsyt.profile @@ -26,6 +26,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/mps-youtube diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index 8c463e7db..b0e493c5f 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile @@ -27,6 +27,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/vulkan diff --git a/etc/profile-m-z/mumble.profile b/etc/profile-m-z/mumble.profile index a16934806..0c4efc3d3 100644 --- a/etc/profile-m-z/mumble.profile +++ b/etc/profile-m-z/mumble.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/Mumble mkdir ${HOME}/.local/share/data/Mumble diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile index cbf0d235d..fd73cea89 100644 --- a/etc/profile-m-z/netactview.profile +++ b/etc/profile-m-z/netactview.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/.netactview diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile index 119b30239..701098f4b 100644 --- a/etc/profile-m-z/nheko.profile +++ b/etc/profile-m-z/nheko.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/nheko mkdir ${HOME}/.cache/nheko/nheko diff --git a/etc/profile-m-z/nicotine.profile b/etc/profile-m-z/nicotine.profile index 7764edffb..6c363345e 100644 --- a/etc/profile-m-z/nicotine.profile +++ b/etc/profile-m-z/nicotine.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.nicotine diff --git a/etc/profile-m-z/nyx.profile b/etc/profile-m-z/nyx.profile index df214ff20..9e27dafab 100644 --- a/etc/profile-m-z/nyx.profile +++ b/etc/profile-m-z/nyx.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.nyx diff --git a/etc/profile-m-z/ocenaudio.profile b/etc/profile-m-z/ocenaudio.profile index 61fe14c08..ae18cfff9 100644 --- a/etc/profile-m-z/ocenaudio.profile +++ b/etc/profile-m-z/ocenaudio.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/odt2txt.profile b/etc/profile-m-z/odt2txt.profile index 3e4bd94b6..6201b6fba 100644 --- a/etc/profile-m-z/odt2txt.profile +++ b/etc/profile-m-z/odt2txt.profile @@ -15,6 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile index de82f8266..d5eba909e 100644 --- a/etc/profile-m-z/okular.profile +++ b/etc/profile-m-z/okular.profile @@ -24,6 +24,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/config.kcfg diff --git a/etc/profile-m-z/open-invaders.profile b/etc/profile-m-z/open-invaders.profile index de1ef7800..e18599d1d 100644 --- a/etc/profile-m-z/open-invaders.profile +++ b/etc/profile-m-z/open-invaders.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.openinvaders whitelist ${HOME}/.openinvaders diff --git a/etc/profile-m-z/opencity.profile b/etc/profile-m-z/opencity.profile index 59a2d1055..cb8a511ad 100644 --- a/etc/profile-m-z/opencity.profile +++ b/etc/profile-m-z/opencity.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.opencity diff --git a/etc/profile-m-z/openclonk.profile b/etc/profile-m-z/openclonk.profile index 37f046df2..a6760617c 100644 --- a/etc/profile-m-z/openclonk.profile +++ b/etc/profile-m-z/openclonk.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.clonk diff --git a/etc/profile-m-z/openttd.profile b/etc/profile-m-z/openttd.profile index 57e3787aa..b71883d68 100644 --- a/etc/profile-m-z/openttd.profile +++ b/etc/profile-m-z/openttd.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.openttd diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index 4cd4dae17..cc44d5a48 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.ostrichriders diff --git a/etc/profile-m-z/pandoc.profile b/etc/profile-m-z/pandoc.profile index 354f6eab8..82f03d8f0 100644 --- a/etc/profile-m-z/pandoc.profile +++ b/etc/profile-m-z/pandoc.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # breaks pdf output diff --git a/etc/profile-m-z/parole.profile b/etc/profile-m-z/parole.profile index e7a0694ed..0a4422a73 100644 --- a/etc/profile-m-z/parole.profile +++ b/etc/profile-m-z/parole.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile index 2bb85e3c6..8663fb453 100644 --- a/etc/profile-m-z/patch.profile +++ b/etc/profile-m-z/patch.profile @@ -17,6 +17,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile index d9e4aedfb..eee42424f 100644 --- a/etc/profile-m-z/pdftotext.profile +++ b/etc/profile-m-z/pdftotext.profile @@ -16,6 +16,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${DOCUMENTS} diff --git a/etc/profile-m-z/penguin-command.profile b/etc/profile-m-z/penguin-command.profile index d4d3e914d..db0d84496 100644 --- a/etc/profile-m-z/penguin-command.profile +++ b/etc/profile-m-z/penguin-command.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc whitelist ${HOME}/.penguin-command include whitelist-common.inc diff --git a/etc/profile-m-z/pioneer.profile b/etc/profile-m-z/pioneer.profile index 8b1c5afb8..5f329195b 100644 --- a/etc/profile-m-z/pioneer.profile +++ b/etc/profile-m-z/pioneer.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.pioneer diff --git a/etc/profile-m-z/pithos.profile b/etc/profile-m-z/pithos.profile index ad56ce525..0864dd0bc 100644 --- a/etc/profile-m-z/pithos.profile +++ b/etc/profile-m-z/pithos.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-m-z/pix.profile b/etc/profile-m-z/pix.profile index 9864ed718..a2c35beb5 100644 --- a/etc/profile-m-z/pix.profile +++ b/etc/profile-m-z/pix.profile @@ -15,6 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all nodvd diff --git a/etc/profile-m-z/pluma.profile b/etc/profile-m-z/pluma.profile index ea8550bda..5303eae8a 100644 --- a/etc/profile-m-z/pluma.profile +++ b/etc/profile-m-z/pluma.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile index e9338d4b9..83905b108 100644 --- a/etc/profile-m-z/pngquant.profile +++ b/etc/profile-m-z/pngquant.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-runuser-common.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/profanity.profile b/etc/profile-m-z/profanity.profile index b7aa2bf52..a02bcd826 100644 --- a/etc/profile-m-z/profanity.profile +++ b/etc/profile-m-z/profanity.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/qbittorrent.profile b/etc/profile-m-z/qbittorrent.profile index 820dc7214..81ec1bc6b 100644 --- a/etc/profile-m-z/qbittorrent.profile +++ b/etc/profile-m-z/qbittorrent.profile @@ -21,6 +21,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.cache/qBittorrent mkdir ${HOME}/.config/qBittorrent diff --git a/etc/profile-m-z/qmmp.profile b/etc/profile-m-z/qmmp.profile index 4dc6b6784..e1f679417 100644 --- a/etc/profile-m-z/qmmp.profile +++ b/etc/profile-m-z/qmmp.profile @@ -14,6 +14,7 @@ include disable-devel.inc include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/qpdfview.profile b/etc/profile-m-z/qpdfview.profile index c082762ad..80e34334a 100644 --- a/etc/profile-m-z/qpdfview.profile +++ b/etc/profile-m-z/qpdfview.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/qtox.profile b/etc/profile-m-z/qtox.profile index c8b77123d..eb8e3e314 100644 --- a/etc/profile-m-z/qtox.profile +++ b/etc/profile-m-z/qtox.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/tox diff --git a/etc/profile-m-z/quiterss.profile b/etc/profile-m-z/quiterss.profile index 8dbdffdc8..366cff4ed 100644 --- a/etc/profile-m-z/quiterss.profile +++ b/etc/profile-m-z/quiterss.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.cache/QuiteRss mkdir ${HOME}/.config/QuiteRss diff --git a/etc/profile-m-z/regextester.profile b/etc/profile-m-z/regextester.profile index 207156ba5..6fb0d4b5f 100644 --- a/etc/profile-m-z/regextester.profile +++ b/etc/profile-m-z/regextester.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-passwdmgr.inc include disable-interpreters.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/com.github.artemanufrij.regextester diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile index f3939685a..b76f2b947 100644 --- a/etc/profile-m-z/rhythmbox.profile +++ b/etc/profile-m-z/rhythmbox.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/rhythmbox diff --git a/etc/profile-m-z/ricochet.profile b/etc/profile-m-z/ricochet.profile index 1b8fbbc97..86e3fbfb5 100644 --- a/etc/profile-m-z/ricochet.profile +++ b/etc/profile-m-z/ricochet.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.local/share/Ricochet whitelist ${DOWNLOADS} diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index a39ff759a..95deed119 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile @@ -22,6 +22,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # Uncomment or add to rsync.local to enable extra hardening diff --git a/etc/profile-m-z/rtorrent.profile b/etc/profile-m-z/rtorrent.profile index 0b4d6e1b1..308c1c802 100644 --- a/etc/profile-m-z/rtorrent.profile +++ b/etc/profile-m-z/rtorrent.profile @@ -12,6 +12,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all machine-id diff --git a/etc/profile-m-z/sayonara.profile b/etc/profile-m-z/sayonara.profile index 8f0544f33..6557c0c42 100644 --- a/etc/profile-m-z/sayonara.profile +++ b/etc/profile-m-z/sayonara.profile @@ -13,6 +13,7 @@ include disable-devel.inc include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/scorchwentbonkers.profile b/etc/profile-m-z/scorchwentbonkers.profile index 7cb57edce..484ebc38e 100644 --- a/etc/profile-m-z/scorchwentbonkers.profile +++ b/etc/profile-m-z/scorchwentbonkers.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.swb.ini diff --git a/etc/profile-m-z/sdat2img.profile b/etc/profile-m-z/sdat2img.profile index b45eff4cd..8d16cd07f 100644 --- a/etc/profile-m-z/sdat2img.profile +++ b/etc/profile-m-z/sdat2img.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/seahorse-adventures.profile b/etc/profile-m-z/seahorse-adventures.profile index 895724844..cb2e5ef91 100644 --- a/etc/profile-m-z/seahorse-adventures.profile +++ b/etc/profile-m-z/seahorse-adventures.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/seahorse-adventures diff --git a/etc/profile-m-z/silentarmy.profile b/etc/profile-m-z/silentarmy.profile index cfc33d074..220035ee7 100644 --- a/etc/profile-m-z/silentarmy.profile +++ b/etc/profile-m-z/silentarmy.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/slack.profile b/etc/profile-m-z/slack.profile index b2828fcb1..8ab3edd63 100644 --- a/etc/profile-m-z/slack.profile +++ b/etc/profile-m-z/slack.profile @@ -12,6 +12,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/Slack whitelist ${HOME}/.config/Slack diff --git a/etc/profile-m-z/smplayer.profile b/etc/profile-m-z/smplayer.profile index ac01c675b..3fb6fc349 100644 --- a/etc/profile-m-z/smplayer.profile +++ b/etc/profile-m-z/smplayer.profile @@ -23,6 +23,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/smplayer diff --git a/etc/profile-m-z/sol.profile b/etc/profile-m-z/sol.profile index 8519de6df..44fb8cfe2 100644 --- a/etc/profile-m-z/sol.profile +++ b/etc/profile-m-z/sol.profile @@ -11,6 +11,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc # all necessary files in $HOME are in whitelist-common.inc diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index 017120811..cdb20b4e0 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/stellarium.profile b/etc/profile-m-z/stellarium.profile index d6df2e0ad..3f93fe591 100644 --- a/etc/profile-m-z/stellarium.profile +++ b/etc/profile-m-z/stellarium.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/stellarium mkdir ${HOME}/.stellarium diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile index 31ed5dd3f..426b2dc1c 100644 --- a/etc/profile-m-z/strings.profile +++ b/etc/profile-m-z/strings.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc #include disable-programs.inc +include disable-shell.inc #include disable-xdg.inc #include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index 73877b1b5..ce69c8b4b 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile @@ -13,10 +13,11 @@ noblacklist ${HOME}/.local/share/supertuxkart include disable-common.inc include disable-devel.inc include disable-exec.inc +include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc -include disable-interpreters.inc mkdir ${HOME}/.config/supertuxkart mkdir ${HOME}/.cache/supertuxkart diff --git a/etc/profile-m-z/teeworlds.profile b/etc/profile-m-z/teeworlds.profile index 7765703de..c0d62bec2 100644 --- a/etc/profile-m-z/teeworlds.profile +++ b/etc/profile-m-z/teeworlds.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.teeworlds diff --git a/etc/profile-m-z/tilp.profile b/etc/profile-m-z/tilp.profile index 4d38d5184..dd4a372c4 100644 --- a/etc/profile-m-z/tilp.profile +++ b/etc/profile-m-z/tilp.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all net none diff --git a/etc/profile-m-z/totem.profile b/etc/profile-m-z/totem.profile index d49ef0cb8..2e758879e 100644 --- a/etc/profile-m-z/totem.profile +++ b/etc/profile-m-z/totem.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile index 9030b1e01..87c5de076 100644 --- a/etc/profile-m-z/tracker.profile +++ b/etc/profile-m-z/tracker.profile @@ -16,6 +16,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-runuser-common.inc diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile index cafc6e6d1..c31055cdc 100644 --- a/etc/profile-m-z/transgui.profile +++ b/etc/profile-m-z/transgui.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/transgui diff --git a/etc/profile-m-z/tremulous.profile b/etc/profile-m-z/tremulous.profile index 64bb8cba8..66a536008 100644 --- a/etc/profile-m-z/tremulous.profile +++ b/etc/profile-m-z/tremulous.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.tremulous diff --git a/etc/profile-m-z/uget-gtk.profile b/etc/profile-m-z/uget-gtk.profile index 8a2e83a1a..c8f28444f 100644 --- a/etc/profile-m-z/uget-gtk.profile +++ b/etc/profile-m-z/uget-gtk.profile @@ -11,6 +11,7 @@ include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.config/uGet whitelist ${DOWNLOADS} diff --git a/etc/profile-m-z/unf.profile b/etc/profile-m-z/unf.profile index fbbe949e9..bcd256ba3 100644 --- a/etc/profile-m-z/unf.profile +++ b/etc/profile-m-z/unf.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist ${DOWNLOADS} diff --git a/etc/profile-m-z/unrar.profile b/etc/profile-m-z/unrar.profile index 88a753d59..e07a6fc93 100644 --- a/etc/profile-m-z/unrar.profile +++ b/etc/profile-m-z/unrar.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all hostname unrar diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index b4b63882b..e08511c12 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc caps.drop all hostname unzip diff --git a/etc/profile-m-z/utox.profile b/etc/profile-m-z/utox.profile index 9877ea889..cd4374004 100644 --- a/etc/profile-m-z/utox.profile +++ b/etc/profile-m-z/utox.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/tox diff --git a/etc/profile-m-z/uudeview.profile b/etc/profile-m-z/uudeview.profile index 6b5f14cab..f60c134e0 100644 --- a/etc/profile-m-z/uudeview.profile +++ b/etc/profile-m-z/uudeview.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/viewnior.profile b/etc/profile-m-z/viewnior.profile index f009f6340..83727d42b 100644 --- a/etc/profile-m-z/viewnior.profile +++ b/etc/profile-m-z/viewnior.profile @@ -18,6 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/warmux.profile b/etc/profile-m-z/warmux.profile index a3de3d444..aaef652fd 100644 --- a/etc/profile-m-z/warmux.profile +++ b/etc/profile-m-z/warmux.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/wormux diff --git a/etc/profile-m-z/warsow.profile b/etc/profile-m-z/warsow.profile index 32d27e1b9..d8cd5557e 100644 --- a/etc/profile-m-z/warsow.profile +++ b/etc/profile-m-z/warsow.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/warsow-2.1 diff --git a/etc/profile-m-z/warzone2100.profile b/etc/profile-m-z/warzone2100.profile index 25f401d85..369c9cc1d 100644 --- a/etc/profile-m-z/warzone2100.profile +++ b/etc/profile-m-z/warzone2100.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc # mkdir ${HOME}/.warzone2100-3.1 # mkdir ${HOME}/.warzone2100-3.2 diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index 65723e68c..cdb8f0b93 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile @@ -21,6 +21,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc # depending on workflow you can uncomment the below or put 'include disable-xdg.inc' in your wget.local #include disable-xdg.inc diff --git a/etc/profile-m-z/widelands.profile b/etc/profile-m-z/widelands.profile index 079e4eb96..f18878554 100644 --- a/etc/profile-m-z/widelands.profile +++ b/etc/profile-m-z/widelands.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.widelands diff --git a/etc/profile-m-z/wordwarvi.profile b/etc/profile-m-z/wordwarvi.profile index 6372654bd..da1210bb8 100644 --- a/etc/profile-m-z/wordwarvi.profile +++ b/etc/profile-m-z/wordwarvi.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.wordwarvi diff --git a/etc/profile-m-z/xbill.profile b/etc/profile-m-z/xbill.profile index 56d3cf40d..cdfebfb29 100644 --- a/etc/profile-m-z/xbill.profile +++ b/etc/profile-m-z/xbill.profile @@ -12,6 +12,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/xbill diff --git a/etc/profile-m-z/xcalc.profile b/etc/profile-m-z/xcalc.profile index 294ad7c80..56ce01498 100644 --- a/etc/profile-m-z/xcalc.profile +++ b/etc/profile-m-z/xcalc.profile @@ -11,6 +11,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/xed.profile b/etc/profile-m-z/xed.profile index 64a50083f..b114f9ab5 100644 --- a/etc/profile-m-z/xed.profile +++ b/etc/profile-m-z/xed.profile @@ -20,6 +20,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile index 5707dc443..6ff4a1103 100644 --- a/etc/profile-m-z/xfce4-mixer.profile +++ b/etc/profile-m-z/xfce4-mixer.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml diff --git a/etc/profile-m-z/xiphos.profile b/etc/profile-m-z/xiphos.profile index 7114f0469..188589df3 100644 --- a/etc/profile-m-z/xiphos.profile +++ b/etc/profile-m-z/xiphos.profile @@ -17,6 +17,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc mkdir ${HOME}/.sword mkdir ${HOME}/.xiphos diff --git a/etc/profile-m-z/xmms.profile b/etc/profile-m-z/xmms.profile index 7a11e1244..9391f68de 100644 --- a/etc/profile-m-z/xmms.profile +++ b/etc/profile-m-z/xmms.profile @@ -13,6 +13,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/xmr-stak.profile b/etc/profile-m-z/xmr-stak.profile index c6ba9bd9d..3278e295d 100644 --- a/etc/profile-m-z/xmr-stak.profile +++ b/etc/profile-m-z/xmr-stak.profile @@ -13,6 +13,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.xmr-stak diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile index ba41d5bb3..b842b5307 100644 --- a/etc/profile-m-z/xournal.profile +++ b/etc/profile-m-z/xournal.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc whitelist /usr/share/xournal diff --git a/etc/profile-m-z/xviewer.profile b/etc/profile-m-z/xviewer.profile index 59c8a44f2..0ac0f665e 100644 --- a/etc/profile-m-z/xviewer.profile +++ b/etc/profile-m-z/xviewer.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include whitelist-var-common.inc diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index 08b31f1ff..f643cf252 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile @@ -14,6 +14,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/yelp diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile index 061d873b3..db3535f78 100644 --- a/etc/profile-m-z/youtube-dl.profile +++ b/etc/profile-m-z/youtube-dl.profile @@ -30,6 +30,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/zart.profile b/etc/profile-m-z/zart.profile index 3fe3c8ce8..ca35e3b51 100644 --- a/etc/profile-m-z/zart.profile +++ b/etc/profile-m-z/zart.profile @@ -15,6 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc caps.drop all diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile index ba0ea1032..5274e5b42 100644 --- a/etc/profile-m-z/zathura.profile +++ b/etc/profile-m-z/zathura.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/zathura diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile index fe5f077be..2d0d944fd 100644 --- a/etc/profile-m-z/zeal.profile +++ b/etc/profile-m-z/zeal.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/Zeal diff --git a/etc/profile-m-z/zulip.profile b/etc/profile-m-z/zulip.profile index 999c2f77a..993f2a64b 100644 --- a/etc/profile-m-z/zulip.profile +++ b/etc/profile-m-z/zulip.profile @@ -16,6 +16,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.config/Zulip diff --git a/etc/templates/profile.template b/etc/templates/profile.template index be1175ce3..02d9fa076 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template @@ -109,6 +109,7 @@ include globals.local #include disable-interpreters.inc #include disable-passwdmgr.inc #include disable-programs.inc +#include disable-shell.inc #include disable-xdg.inc # This section often mirrors noblacklist section above. The idea is