From fcd6004951ff78735e3b428be0b69ff915b951cd Mon Sep 17 00:00:00 2001
From: Andinus <andinus@nand.sh>
Date: Wed, 10 Jun 2020 17:29:45 +0530
Subject: Better unveil list

While not perfect this is a lot better than the old list.
---
 ara.pl | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'ara.pl')

diff --git a/ara.pl b/ara.pl
index 4f5170a..a351eb6 100755
--- a/ara.pl
+++ b/ara.pl
@@ -43,9 +43,10 @@ die "Can't use --local and --latest together\n"
 
 # %unveil contains list of paths to unveil with their permissions.
 my %unveil = (
-    "/" => "rx", # Unveil "/", remove this later after profiling with
-                 # ktrace.
-    "/home" => "", # Veil "/home", we don't want to read it.
+    "/usr" => "rx",
+    "/var" => "rx",
+    "/etc" => "rx",
+    "/dev" => "rx",
     "/tmp" => "rwc",
     "/dev/null" => "rw",
 );
-- 
cgit 1.4.1-2-gfad0