diff --git a/etc/dig.profile b/etc/dig.profile
index f5b26c195..6d5e97ac3 100644
--- a/etc/dig.profile
+++ b/etc/dig.profile
@@ -20,6 +20,7 @@ include whitelist-var-common.inc
 
 caps.drop all
 # ipc-namespace
+machine-id
 netfilter
 no3d
 nodbus
@@ -45,5 +46,5 @@ private-lib
 private-tmp
 
 memory-deny-write-execute
-# noexec ${HOME}
-# noexec /tmp
+noexec ${HOME}
+noexec /tmp