saving uncommitted changes in /etc prior to emerge run

sandfox/default.profile

@@ -0,0 +1,70 @@
+# Sandfox Default Profile
+#
+# WARNING: This default profile is loaded for all sandboxes and should only
+#          contain the minimum folders required by all apps.  If you do not at
+#          least bind /bin /lib and /etc then the chroot command may not succeed.
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+
+# root folders and files
+bindro=/bin     # required by chroot su - do not remove
+bindro=/etc     # required by chroot su - do not remove
+bindro=/lib     # required by chroot su - do not remove
+
+
+# recommended to keep apps happy
+bind=/dev/null
+bind=/dev/urandom
+bind=/dev/random
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate   # security
+
+
+# home folders and files
+# probably better to bind most home folders and files in another profile
+copy=/home/$user/.bashrc           # provides a disposable copy
+copy=/home/$user/.bash_profile     # provides a disposable copy
+
+
+# other folders and files
+# probably better to put these in another profile
+
+
+
+# Lockdown X Access  (experimental)
+# These hides, disabled by default, MAY HELP to lockdown X access - for
+# example to discourage sandboxed apps from taking screen snapshots or
+# doing keylogging.  If you enable these, be sure to close all sandboxes
+# before updating your system.  Your package manager won't be able to
+# update these files while they are mounted in a sandbox.
+#
+# hide=/usr/bin/import
+# hide=/usr/bin/xauth
+# hide=/usr/bin/xev
+# hide=/usr/bin/xhost
+# hide=/usr/bin/xwd
+# hide=/usr/bin/xscreensaver
+# hide=/usr/bin/xscreensaver-command
+# hide=/usr/bin/xscreensaver-demo
+# hide=/usr/bin/xscreensaver-getimage
+# hide=/usr/bin/xscreensaver-getimage-file
+# hide=/usr/bin/xscreensaver-getimage-video
+# hide=/usr/bin/Xorg
+# hide=/etc/X11
+# hide=/usr/lib/X11
+
+

sandfox/firefox.profile

@@ -0,0 +1,125 @@
+# Sandfox Firefox Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+sandbox=firefox
+
+# root folders and files required by firefox
+bindro=/opt/Adobe
+bindro=/bin
+bind=/dev/null
+bind=/dev/urandom       # used by Firefox for security purposes
+bind=/dev/random        # used by Firefox for printing
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/etc
+bindro=/lib
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate
+bindro=/run/resolvconf   # used by Firefox for DNS support
+
+# prevent hackery
+hide=/usr/bin/perl
+hide=/usr/libexec/gcc
+hide=/usr/bin/perl5.12.4
+hide=/usr/x86_64-pc-linux-gnu/gcc-bin
+hide=/usr/bin/gcc
+hide=/usr/bin/cc
+hide=/usr/bin/g++
+hide=/usr/bin/cc
+hide=/usr/bin/c++
+hide=/usr/bin/gcc-config
+hide=/usr/bin/gcc-ar
+hide=/usr/bin/gcc-nm
+hide=/usr/bin/gcc-ranlib
+hide=/usr/bin/asan_symbolize.py
+hide=/usr/bin/asan_symbolize.py-pypy-c2.0
+hide=/usr/bin/asan_symbolize.py-python2.6
+hide=/usr/bin/asan_symbolize.py-python2.7
+hide=/usr/bin/c++-analyzer
+hide=/usr/bin/c-index-test
+hide=/usr/bin/ccc-analyzer
+hide=/usr/bin/clang
+hide=/usr/bin/clang++
+hide=/usr/bin/clang-check
+hide=/usr/bin/clang-format
+hide=/usr/bin/clang-tblgen
+hide=/usr/bin/scan-build
+hide=/usr/bin/scan-view
+hide=/usr/bin/scan-view-pypy-c2.0
+hide=/usr/bin/scan-view-python2.6
+hide=/usr/bin/scan-view-python2.7
+
+# required by alsa for Flash sound
+bindro=/dev/snd
+
+# required by Java
+bindro=/opt/java
+bindro=/proc
+
+# required by Cups printing in Firefox
+bind=/var/cache/cups        # Firefox starts faster
+bind=/var/cache/fontconfig  # Firefox starts faster
+bind=/var/run               # Firefox shows Cups printers
+
+# home folders and files
+# You may need to add additional binds to your home folders and files in order
+# for every aspect of Firefox to work as you want.  Or you can share your
+# entire /home/$user folder (this would reduce security)
+bind=/home/$user/.mozilla
+bind=/home/$user/.esd_auth
+bind=/home/$user/.java
+bindro=/home/$user/.asoundrc
+
+# Needed for KDE and Gnome themes in Firefox   (may be incomplete for gnome)
+# To find out what other binds you may need, run 'env' in a shell as user
+#       and examine the values of GTK2_RC_FILES and GTK_RC_FILES and XCURSOR_THEME
+# Note: The bind for kdeglobals below is a limited privacy risk, as KDE4 stores
+#       recent file and folder names in this file.  You can clean this file with 
+#       kscrubber:  http://igurublog.wordpress.com/downloads/script-kscrubber/
+#       or don't bind it, but your theme may not work in Firefox
+bind=/home/$user/.config/gtk-2.0
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.fonts
+bind=/home/$user/.gtkrc-2.0
+bind=/home/$user/.gtkrc-2.0-kde4
+bind=/home/$user/.kde/share/config/gtkrc
+bind=/home/$user/.kde/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde/share/config/kdeglobals
+bind=/home/$user/.kde4/share/config/gtkrc
+bind=/home/$user/.kde4/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde4/share/config/kdeglobals
+bindro=/home/$user/.gtkrc-2.0-kde
+bind=/home/$user/.kde3/share/config/gtkrc
+bind=/home/$user/.kde3/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde3/share/config/kdeglobals
+bindro=/home/$user/.Xdefaults  # for cursor theme
+bindro=/home/$user/.Xauthority
+#bindro=/etc/gtk-2.0/gtkrc      # used but already binded all of /etc
+
+
+# Required by flash player for persisent LSOs
+# Hide will store the cookies in ram and destroy them on exit.  If you need
+# LSOs to be permanent, use bind= instead.
+# http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
+hide=/home/$user/.adobe            # creates a dummy folder
+hide=/home/$user/.macromedia   # creates a dummy folder
+
+
+# other folders and files
+# You may want to bind your Downloads or other data folders below so you
+# can easily save and upload files from within Firefox.
+

sandfox/google-earth.profile

@@ -0,0 +1,57 @@
+# Sandfox Google-Earth Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+
+# root folders and files
+bindro=/bin
+bind=/dev/null
+bind=/dev/urandom
+bind=/dev/random
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/etc
+bindro=/lib
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate
+bindro=/opt/google/earth
+bindro=/opt/google-earth
+
+# required by Cups printing
+bind=/var/cache/cups
+bind=/var/cache/fontconfig
+bind=/var/run
+
+# home folders and files
+# You may need to add additional binds to your home folders and files in order
+# for every aspect of Google-Earth to work as you want.  Or you can share your
+# entire /home/$user folder (this would reduce security)
+bind=/home/$user/.googleearth
+bind=/home/$user/.config/Google
+bind=/home/$user/.esd_auth
+bindro=/home/$user/.config/Trolltech.conf
+
+# Themes
+bindro=/home/$user/.Xdefaults
+bindro=/home/$user/.Xauthority
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.fonts
+
+# other folders and files
+# You may want to bind your Downloads or other data folders below so you
+# can easily save and upload files from within Google-Earth.
+
+

sandfox/hexchat.profile

@@ -0,0 +1,113 @@
+# Sandfox Firefox Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+
+sandbox=hexchat
+
+# root folders and files required by firefox
+bindro=/bin
+bind=/dev/null
+bind=/dev/urandom       # used by Firefox for security purposes
+bind=/dev/random        # used by Firefox for printing
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/etc
+bindro=/lib
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate
+bindro=/run/resolvconf   # used by Firefox for DNS support
+
+# prevent hackery
+#hide=/usr/bin/perl
+#hide=/usr/bin/perl5.12.4
+hide=/usr/libexec/gcc
+hide=/usr/x86_64-pc-linux-gnu/gcc-bin
+hide=/usr/bin/gcc
+hide=/usr/bin/cc
+hide=/usr/bin/g++
+hide=/usr/bin/cc
+hide=/usr/bin/c++
+hide=/usr/bin/gcc-config
+hide=/usr/bin/gcc-ar
+hide=/usr/bin/gcc-nm
+hide=/usr/bin/gcc-ranlib
+hide=/usr/bin/asan_symbolize.py
+hide=/usr/bin/asan_symbolize.py-pypy-c2.0
+hide=/usr/bin/asan_symbolize.py-python2.6
+hide=/usr/bin/asan_symbolize.py-python2.7
+hide=/usr/bin/c++-analyzer
+hide=/usr/bin/c-index-test
+hide=/usr/bin/ccc-analyzer
+hide=/usr/bin/clang
+hide=/usr/bin/clang++
+hide=/usr/bin/clang-check
+hide=/usr/bin/clang-format
+hide=/usr/bin/clang-tblgen
+hide=/usr/bin/scan-build
+hide=/usr/bin/scan-view
+hide=/usr/bin/scan-view-pypy-c2.0
+hide=/usr/bin/scan-view-python2.6
+hide=/usr/bin/scan-view-python2.7
+
+# required by alsa for Flash sound
+bindro=/dev/snd
+
+# required by Cups printing in Firefox
+bind=/var/cache/cups        # Firefox starts faster
+bind=/var/cache/fontconfig  # Firefox starts faster
+bind=/var/run               # Firefox shows Cups printers
+
+# home folders and files
+# You may need to add additional binds to your home folders and files in order
+# for every aspect of Firefox to work as you want.  Or you can share your
+# entire /home/$user folder (this would reduce security)
+bind=/home/$user/.esd_auth
+bind=/home/$user/.config/hexchat
+bindro=/home/$user/.asoundrc
+
+# Needed for KDE and Gnome themes in Firefox   (may be incomplete for gnome)
+# To find out what other binds you may need, run 'env' in a shell as user
+#       and examine the values of GTK2_RC_FILES and GTK_RC_FILES and XCURSOR_THEME
+# Note: The bind for kdeglobals below is a limited privacy risk, as KDE4 stores
+#       recent file and folder names in this file.  You can clean this file with 
+#       kscrubber:  http://igurublog.wordpress.com/downloads/script-kscrubber/
+#       or don't bind it, but your theme may not work in Firefox
+bind=/home/$user/.config/gtk-2.0
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.fonts
+bind=/home/$user/.gtkrc-2.0
+bind=/home/$user/.gtkrc-2.0-kde4
+bind=/home/$user/.kde/share/config/gtkrc
+bind=/home/$user/.kde/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde/share/config/kdeglobals
+bind=/home/$user/.kde4/share/config/gtkrc
+bind=/home/$user/.kde4/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde4/share/config/kdeglobals
+bindro=/home/$user/.gtkrc-2.0-kde
+bind=/home/$user/.kde3/share/config/gtkrc
+bind=/home/$user/.kde3/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde3/share/config/kdeglobals
+bindro=/home/$user/.Xdefaults  # for cursor theme
+bindro=/home/$user/.Xauthority
+#bindro=/etc/gtk-2.0/gtkrc      # used but already binded all of /etc
+
+
+# other folders and files
+# You may want to bind your Downloads or other data folders below so you
+# can easily save and upload files from within Firefox.
+
+

sandfox/pidgin.profile

@@ -0,0 +1,117 @@
+# Sandfox Firefox Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+sandbox=pidgin
+
+# root folders and files required by firefox
+bindro=/bin
+bind=/dev/null
+bind=/dev/urandom       # used by Firefox for security purposes
+bind=/dev/random        # used by Firefox for printing
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/etc
+bindro=/lib
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate
+bindro=/run/resolvconf   # used by Firefox for DNS support
+
+# prevent hackery
+hide=/usr/bin/perl
+hide=/usr/libexec/gcc
+hide=/usr/bin/perl5.12.4
+hide=/usr/x86_64-pc-linux-gnu/gcc-bin
+hide=/usr/bin/gcc
+hide=/usr/bin/cc
+hide=/usr/bin/g++
+hide=/usr/bin/cc
+hide=/usr/bin/c++
+hide=/usr/bin/gcc-config
+hide=/usr/bin/gcc-ar
+hide=/usr/bin/gcc-nm
+hide=/usr/bin/gcc-ranlib
+hide=/usr/bin/asan_symbolize.py
+hide=/usr/bin/asan_symbolize.py-pypy-c2.0
+hide=/usr/bin/asan_symbolize.py-python2.6
+hide=/usr/bin/asan_symbolize.py-python2.7
+hide=/usr/bin/c++-analyzer
+hide=/usr/bin/c-index-test
+hide=/usr/bin/ccc-analyzer
+hide=/usr/bin/clang
+hide=/usr/bin/clang++
+hide=/usr/bin/clang-check
+hide=/usr/bin/clang-format
+hide=/usr/bin/clang-tblgen
+hide=/usr/bin/scan-build
+hide=/usr/bin/scan-view
+hide=/usr/bin/scan-view-pypy-c2.0
+hide=/usr/bin/scan-view-python2.6
+hide=/usr/bin/scan-view-python2.7
+
+# required by alsa for Flash sound
+bindro=/dev/snd
+
+# required by Java
+bindro=/opt/java
+bindro=/proc
+
+# required by Cups printing in Firefox
+bind=/var/cache/cups        # Firefox starts faster
+bind=/var/cache/fontconfig  # Firefox starts faster
+bind=/var/run               # Firefox shows Cups printers
+
+# home folders and files
+# You may need to add additional binds to your home folders and files in order
+# for every aspect of Firefox to work as you want.  Or you can share your
+# entire /home/$user folder (this would reduce security)
+bind=/home/$user/.purple
+bind=/home/$user/Dropbox/pidgin/logs
+bind=/home/$user/.esd_auth
+bindro=/home/$user/.asoundrc
+
+# Needed for KDE and Gnome themes in Firefox   (may be incomplete for gnome)
+# To find out what other binds you may need, run 'env' in a shell as user
+#       and examine the values of GTK2_RC_FILES and GTK_RC_FILES and XCURSOR_THEME
+# Note: The bind for kdeglobals below is a limited privacy risk, as KDE4 stores
+#       recent file and folder names in this file.  You can clean this file with 
+#       kscrubber:  http://igurublog.wordpress.com/downloads/script-kscrubber/
+#       or don't bind it, but your theme may not work in Firefox
+bind=/home/$user/.config/gtk-2.0
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.fonts
+bind=/home/$user/.gtkrc-2.0
+bind=/home/$user/.gtkrc-2.0-kde4
+bind=/home/$user/.kde/share/config/gtkrc
+bind=/home/$user/.kde/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde/share/config/kdeglobals
+bind=/home/$user/.kde4/share/config/gtkrc
+bind=/home/$user/.kde4/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde4/share/config/kdeglobals
+bindro=/home/$user/.gtkrc-2.0-kde
+bind=/home/$user/.kde3/share/config/gtkrc
+bind=/home/$user/.kde3/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde3/share/config/kdeglobals
+bindro=/home/$user/.Xdefaults  # for cursor theme
+bindro=/home/$user/.Xauthority
+#bindro=/etc/gtk-2.0/gtkrc      # used but already binded all of /etc
+
+
+# other folders and files
+# You may want to bind your Downloads or other data folders below so you
+# can easily save and upload files from within Firefox.
+
+

sandfox/skype.profile

@@ -0,0 +1,51 @@
+# Sandfox Skype Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+# Set this to your Skype video device
+# Note: /dev/video probably won't work
+bind=/dev/video0
+
+bind=/dev/shm
+bind=/dev/snd
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+# bind=/sys/devices/system/cpu      # ???
+# bindro=/etc/pulse/client.conf     # only needed if /etc not bound
+bindro=/proc/interrupts
+bindro=/var/cache/libx11/compose
+bind=/tmp
+bindro=/usr
+bind=/usr/share/skype  # Gentoo users may need to disable this bind
+bind=/opt/skype
+
+# Following only needed if all of /tmp not bound above
+# copy=/tmp/.ICE-unix           
+# copy=/tmp/.X11-unix/X0
+# bind=/tmp/pulse-*/native
+
+# Following only needed if all of /usr not bound above
+# copy=/usr/bin/skype
+# bindro=/usr/lib/qt4/plugins/iconengines
+# bindro=/usr/lib/qt4/plugins/imageformats
+# bindro=/usr/lib/qt4/plugins/imageformats
+# bindro=/usr/lib/qt4/plugins/inputmethods
+# bindro=/usr/share/X11/locale
+# bindro=/usr/share/icons
+# bindro=/usr/share/fonts
+
+bind=/home/$user/.Skype
+bindro=/home/$user/.ICEauthority
+bindro=/home/$user/.Xauthority
+bindro=/home/$user/.config/Trolltech.conf
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.asoundrc
+

sandfox/steam.profile

@@ -0,0 +1,136 @@
+# Sandfox Firefox Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+sandbox=steam
+
+# root folders and files required by firefox
+bindro=/bin
+bind=/dev/shm
+bind=/dev/null
+bind=/dev/urandom       # used by Firefox for security purposes
+bind=/dev/random        # used by Firefox for printing
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/etc
+bindro=/lib
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate
+bindro=/run/resolvconf   # used by Firefox for DNS support
+bindro=/usr/share/icons
+bindro=/usr/share/mime/mime.cache
+
+# prevent hackery
+hide=/usr/bin/perl
+hide=/usr/libexec/gcc
+hide=/usr/bin/perl5.12.4
+hide=/usr/x86_64-pc-linux-gnu/gcc-bin
+hide=/usr/bin/gcc
+hide=/usr/bin/cc
+hide=/usr/bin/g++
+hide=/usr/bin/cc
+hide=/usr/bin/c++
+hide=/usr/bin/gcc-config
+hide=/usr/bin/gcc-ar
+hide=/usr/bin/gcc-nm
+hide=/usr/bin/gcc-ranlib
+hide=/usr/bin/asan_symbolize.py
+hide=/usr/bin/asan_symbolize.py-pypy-c2.0
+hide=/usr/bin/asan_symbolize.py-python2.6
+hide=/usr/bin/asan_symbolize.py-python2.7
+hide=/usr/bin/c++-analyzer
+hide=/usr/bin/c-index-test
+hide=/usr/bin/ccc-analyzer
+hide=/usr/bin/clang
+hide=/usr/bin/clang++
+hide=/usr/bin/clang-check
+hide=/usr/bin/clang-format
+hide=/usr/bin/clang-tblgen
+hide=/usr/bin/scan-build
+hide=/usr/bin/scan-view
+hide=/usr/bin/scan-view-pypy-c2.0
+hide=/usr/bin/scan-view-python2.6
+hide=/usr/bin/scan-view-python2.7
+
+# required by alsa for Flash sound
+bindro=/dev/snd
+
+# required by Java
+bindro=/opt/java
+bindro=/proc
+
+# required by Cups printing in Firefox
+bind=/var/cache/cups        # Firefox starts faster
+bind=/var/cache/fontconfig  # Firefox starts faster
+bind=/var/run               # Firefox shows Cups printers
+
+# home folders and files
+# You may need to add additional binds to your home folders and files in order
+# for every aspect of Firefox to work as you want.  Or you can share your
+# entire /home/$user folder (this would reduce security)
+bindro=/home/$user/.Desktop/gamescripts/steam.sh
+bind=/home/$user/.steam
+bind=/home/$user/.local/share/Steam
+bind=/home/$user/.esd_auth
+bind=/home/$user/.fontconfig
+bindro=/home/$user/.asoundrc
+bindro=/home/$user/.icons
+bindro=/home/$user/.local/share/mime/mime.cache
+
+hide=/home/$user/.config/pulse
+hide=/home/$user/.nv
+
+
+# Needed for KDE and Gnome themes in Firefox   (may be incomplete for gnome)
+# To find out what other binds you may need, run 'env' in a shell as user
+#       and examine the values of GTK2_RC_FILES and GTK_RC_FILES and XCURSOR_THEME
+# Note: The bind for kdeglobals below is a limited privacy risk, as KDE4 stores
+#       recent file and folder names in this file.  You can clean this file with 
+#       kscrubber:  http://igurublog.wordpress.com/downloads/script-kscrubber/
+#       or don't bind it, but your theme may not work in Firefox
+bind=/home/$user/.config/gtk-2.0
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.fonts
+bind=/home/$user/.gtkrc-2.0
+bind=/home/$user/.gtkrc-2.0-kde4
+bind=/home/$user/.kde/share/config/gtkrc
+bind=/home/$user/.kde/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde/share/config/kdeglobals
+bind=/home/$user/.kde4/share/config/gtkrc
+bind=/home/$user/.kde4/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde4/share/config/kdeglobals
+bindro=/home/$user/.gtkrc-2.0-kde
+bind=/home/$user/.kde3/share/config/gtkrc
+bind=/home/$user/.kde3/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde3/share/config/kdeglobals
+bindro=/home/$user/.Xdefaults  # for cursor theme
+bindro=/home/$user/.Xauthority
+#bindro=/etc/gtk-2.0/gtkrc      # used but already binded all of /etc
+
+
+# Required by flash player for persisent LSOs
+# Hide will store the cookies in ram and destroy them on exit.  If you need
+# LSOs to be permanent, use bind= instead.
+# http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
+hide=/home/$user/.adobe            # creates a dummy folder
+hide=/home/$user/.macromedia   # creates a dummy folder
+
+
+# other folders and files
+# You may want to bind your Downloads or other data folders below so you
+# can easily save and upload files from within Firefox.
+
+

sandfox/thunderbird.profile

@@ -0,0 +1,125 @@
+# Sandfox Firefox Profile
+#
+# Note that default.profile is always loaded in addition to other profiles 
+#
+# For instructions consult http://igurublog.wordpress.com/downloads/script-sandfox/
+# OPTION
+# or
+# OPTION=VALUE   (Do not use quotes)
+#
+# To include another profile in this profile:
+# profile=PROFILENAME
+
+sandbox=thunderbird
+
+# root folders and files required by firefox
+bindro=/bin
+bind=/dev/null
+bind=/dev/urandom       # used by Firefox for security purposes
+bind=/dev/random        # used by Firefox for printing
+bind=/dev/nvidia0
+bind=/dev/nvidiactl
+bindro=/etc
+bindro=/lib
+bindro=/lib32
+bindro=/lib64
+bindro=/opt/lib32
+bind=/tmp
+bindro=/usr
+bindro=/var/lib
+hide=/var/lib/mlocate
+bindro=/run/resolvconf   # used by Firefox for DNS support
+
+# prevent hackery
+hide=/usr/bin/perl
+hide=/usr/libexec/gcc
+hide=/usr/bin/perl5.12.4
+hide=/usr/x86_64-pc-linux-gnu/gcc-bin
+hide=/usr/bin/gcc
+hide=/usr/bin/cc
+hide=/usr/bin/g++
+hide=/usr/bin/cc
+hide=/usr/bin/c++
+hide=/usr/bin/gcc-config
+hide=/usr/bin/gcc-ar
+hide=/usr/bin/gcc-nm
+hide=/usr/bin/gcc-ranlib
+hide=/usr/bin/asan_symbolize.py
+hide=/usr/bin/asan_symbolize.py-pypy-c2.0
+hide=/usr/bin/asan_symbolize.py-python2.6
+hide=/usr/bin/asan_symbolize.py-python2.7
+hide=/usr/bin/c++-analyzer
+hide=/usr/bin/c-index-test
+hide=/usr/bin/ccc-analyzer
+hide=/usr/bin/clang
+hide=/usr/bin/clang++
+hide=/usr/bin/clang-check
+hide=/usr/bin/clang-format
+hide=/usr/bin/clang-tblgen
+hide=/usr/bin/scan-build
+hide=/usr/bin/scan-view
+hide=/usr/bin/scan-view-pypy-c2.0
+hide=/usr/bin/scan-view-python2.6
+hide=/usr/bin/scan-view-python2.7
+
+# required by alsa for Flash sound
+bindro=/dev/snd
+
+# required by Java
+bindro=/opt/java
+bindro=/proc
+
+# required by Cups printing in Firefox
+bind=/var/cache/cups        # Firefox starts faster
+bind=/var/cache/fontconfig  # Firefox starts faster
+bind=/var/run               # Firefox shows Cups printers
+
+# home folders and files
+# You may need to add additional binds to your home folders and files in order
+# for every aspect of Firefox to work as you want.  Or you can share your
+# entire /home/$user folder (this would reduce security)
+bind=/home/$user/.thunderbird
+bind=/home/$user/.esd_auth
+bind=/home/$user/.java
+bindro=/home/$user/.asoundrc
+
+# Needed for KDE and Gnome themes in Firefox   (may be incomplete for gnome)
+# To find out what other binds you may need, run 'env' in a shell as user
+#       and examine the values of GTK2_RC_FILES and GTK_RC_FILES and XCURSOR_THEME
+# Note: The bind for kdeglobals below is a limited privacy risk, as KDE4 stores
+#       recent file and folder names in this file.  You can clean this file with 
+#       kscrubber:  http://igurublog.wordpress.com/downloads/script-kscrubber/
+#       or don't bind it, but your theme may not work in Firefox
+bind=/home/$user/.config/gtk-2.0
+bindro=/home/$user/.fontconfig
+bindro=/home/$user/.fonts
+bind=/home/$user/.gtkrc-2.0
+bind=/home/$user/.gtkrc-2.0-kde4
+bind=/home/$user/.kde/share/config/gtkrc
+bind=/home/$user/.kde/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde/share/config/kdeglobals
+bind=/home/$user/.kde4/share/config/gtkrc
+bind=/home/$user/.kde4/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde4/share/config/kdeglobals
+bindro=/home/$user/.gtkrc-2.0-kde
+bind=/home/$user/.kde3/share/config/gtkrc
+bind=/home/$user/.kde3/share/config/gtkrc-2.0      
+bindro=/home/$user/.kde3/share/config/kdeglobals
+bindro=/home/$user/.Xdefaults  # for cursor theme
+bindro=/home/$user/.Xauthority
+#bindro=/etc/gtk-2.0/gtkrc      # used but already binded all of /etc
+
+
+# Required by flash player for persisent LSOs
+# Hide will store the cookies in ram and destroy them on exit.  If you need
+# LSOs to be permanent, use bind= instead.
+# http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
+hide=/home/$user/.adobe            # creates a dummy folder
+hide=/home/$user/.macromedia   # creates a dummy folder
+
+
+# other folders and files
+# You may want to bind your Downloads or other data folders below so you
+# can easily save and upload files from within Firefox.
+
+