diff options
author | netblue30 <netblue30@yahoo.com> | 2016-07-31 07:50:29 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-07-31 07:50:29 -0400 |
commit | 31aef5fe61d713ae1c7d1aad1ffdc07599caccd5 (patch) | |
tree | d6ffe7865442f6332b92c50ec208e172745c3f5f | |
parent | Merge pull request #668 from thomasjfox/improve-trace (diff) | |
parent | Add file.profile (diff) | |
download | firejail-31aef5fe61d713ae1c7d1aad1ffdc07599caccd5.tar.gz firejail-31aef5fe61d713ae1c7d1aad1ffdc07599caccd5.tar.zst firejail-31aef5fe61d713ae1c7d1aad1ffdc07599caccd5.zip |
Merge pull request #665 from thomasjfox/unpacker-profiles
Add profiles for tar (gtar), unzip and unrar
-rw-r--r-- | Makefile.in | 5 | ||||
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | README.md | 1 | ||||
-rw-r--r-- | RELNOTES | 1 | ||||
-rw-r--r-- | etc/file.profile | 11 | ||||
-rw-r--r-- | etc/gtar.profile | 1 | ||||
-rw-r--r-- | etc/tar.profile | 13 | ||||
-rw-r--r-- | etc/unrar.profile | 11 | ||||
-rw-r--r-- | etc/unzip.profile | 11 | ||||
-rw-r--r-- | platform/debian/conffiles | 5 |
10 files changed, 61 insertions, 0 deletions
diff --git a/Makefile.in b/Makefile.in index 04e93eec2..2a90a0fdd 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -131,6 +131,7 @@ realinstall: | |||
131 | install -c -m 0644 .etc/epiphany.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 131 | install -c -m 0644 .etc/epiphany.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
132 | install -c -m 0644 .etc/evince.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 132 | install -c -m 0644 .etc/evince.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
133 | install -c -m 0644 .etc/fbreader.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 133 | install -c -m 0644 .etc/fbreader.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
134 | install -c -m 0644 .etc/file.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
134 | install -c -m 0644 .etc/filezilla.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 135 | install -c -m 0644 .etc/filezilla.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
135 | install -c -m 0644 .etc/firefox-esr.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 136 | install -c -m 0644 .etc/firefox-esr.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
136 | install -c -m 0644 .etc/firefox.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 137 | install -c -m 0644 .etc/firefox.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
@@ -144,6 +145,7 @@ realinstall: | |||
144 | install -c -m 0644 .etc/google-chrome.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 145 | install -c -m 0644 .etc/google-chrome.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
145 | install -c -m 0644 .etc/google-play-music-desktop-player.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 146 | install -c -m 0644 .etc/google-play-music-desktop-player.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
146 | install -c -m 0644 .etc/gpredict.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 147 | install -c -m 0644 .etc/gpredict.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
148 | install -c -m 0644 .etc/gtar.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
147 | install -c -m 0644 .etc/gthumb.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 149 | install -c -m 0644 .etc/gthumb.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
148 | install -c -m 0644 .etc/gwenview.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 150 | install -c -m 0644 .etc/gwenview.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
149 | install -c -m 0644 .etc/gzip.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 151 | install -c -m 0644 .etc/gzip.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
@@ -201,6 +203,7 @@ realinstall: | |||
201 | install -c -m 0644 .etc/steam.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 203 | install -c -m 0644 .etc/steam.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
202 | install -c -m 0644 .etc/stellarium.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 204 | install -c -m 0644 .etc/stellarium.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
203 | install -c -m 0644 .etc/strings.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 205 | install -c -m 0644 .etc/strings.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
206 | install -c -m 0644 .etc/tar.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
204 | install -c -m 0644 .etc/telegram.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 207 | install -c -m 0644 .etc/telegram.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
205 | install -c -m 0644 .etc/thunderbird.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 208 | install -c -m 0644 .etc/thunderbird.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
206 | install -c -m 0644 .etc/totem.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 209 | install -c -m 0644 .etc/totem.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
@@ -208,6 +211,8 @@ realinstall: | |||
208 | install -c -m 0644 .etc/transmission-qt.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 211 | install -c -m 0644 .etc/transmission-qt.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
209 | install -c -m 0644 .etc/uget-gtk.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 212 | install -c -m 0644 .etc/uget-gtk.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
210 | install -c -m 0644 .etc/unbound.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 213 | install -c -m 0644 .etc/unbound.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
214 | install -c -m 0644 .etc/unrar.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
215 | install -c -m 0644 .etc/unzip.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
211 | install -c -m 0644 .etc/uudeview.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 216 | install -c -m 0644 .etc/uudeview.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
212 | install -c -m 0644 .etc/vivaldi-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 217 | install -c -m 0644 .etc/vivaldi-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
213 | install -c -m 0644 .etc/vivaldi.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 218 | install -c -m 0644 .etc/vivaldi.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
@@ -34,6 +34,8 @@ Peter Hogg (https://github.com/pigmonkey) | |||
34 | Thomas Jarosch (https://github.com/thomasjfox) | 34 | Thomas Jarosch (https://github.com/thomasjfox) |
35 | - disable keepassx in disable-passwdmgr.inc | 35 | - disable keepassx in disable-passwdmgr.inc |
36 | - added uudeview profile | 36 | - added uudeview profile |
37 | - added tar (gtar), unzip and unrar profile | ||
38 | - added file profile | ||
37 | - improved profile list | 39 | - improved profile list |
38 | - fixed small variable glitch in stat64() / lstat64() (libtracelog) | 40 | - fixed small variable glitch in stat64() / lstat64() (libtracelog) |
39 | - added lstat() / lstat64() support to libtrace | 41 | - added lstat() / lstat64() support to libtrace |
@@ -156,4 +156,5 @@ Browsers: Palemoon | |||
156 | ## New security profiles | 156 | ## New security profiles |
157 | 157 | ||
158 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less, Atom Beta, Atom, jitsi, eom, uudeview | 158 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less, Atom Beta, Atom, jitsi, eom, uudeview |
159 | tar (gtar), unzip, unrar, file | ||
159 | 160 | ||
@@ -16,6 +16,7 @@ firejail (0.9.42~rc2) baseline; urgency=low | |||
16 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice | 16 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice |
17 | * new profiles: pix, audacity, strings, xz, xzdec, gzip, cpio, less | 17 | * new profiles: pix, audacity, strings, xz, xzdec, gzip, cpio, less |
18 | * new profiles: Atom Beta, Atom, jitsi, eom, uudeview | 18 | * new profiles: Atom Beta, Atom, jitsi, eom, uudeview |
19 | * new profiles: tar (gtar), unzip, unrar, file | ||
19 | -- netblue30 <netblue30@yahoo.com> Thu, 21 Jul 2016 08:00:00 -0500 | 20 | -- netblue30 <netblue30@yahoo.com> Thu, 21 Jul 2016 08:00:00 -0500 |
20 | 21 | ||
21 | firejail (0.9.40) baseline; urgency=low | 22 | firejail (0.9.40) baseline; urgency=low |
diff --git a/etc/file.profile b/etc/file.profile new file mode 100644 index 000000000..357576040 --- /dev/null +++ b/etc/file.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # file profile | ||
2 | include /etc/firejail/default.profile | ||
3 | |||
4 | tracelog | ||
5 | net none | ||
6 | shell none | ||
7 | private-bin file | ||
8 | private-dev | ||
9 | private-etc magic.mgc,magic,localtime | ||
10 | hostname file | ||
11 | nosound | ||
diff --git a/etc/gtar.profile b/etc/gtar.profile new file mode 100644 index 000000000..5dbc550f6 --- /dev/null +++ b/etc/gtar.profile | |||
@@ -0,0 +1 @@ | |||
include /etc/firejail/tar.profile | |||
diff --git a/etc/tar.profile b/etc/tar.profile new file mode 100644 index 000000000..4ce3e59f0 --- /dev/null +++ b/etc/tar.profile | |||
@@ -0,0 +1,13 @@ | |||
1 | # tar profile | ||
2 | include /etc/firejail/default.profile | ||
3 | |||
4 | tracelog | ||
5 | net none | ||
6 | shell none | ||
7 | |||
8 | # support compressed archives | ||
9 | private-bin tar,gtar,compress,gzip,lzma,xz,bzip2,lbzip2,lzip,lzop | ||
10 | private-dev | ||
11 | private-etc passwd,group,localtime | ||
12 | hostname tar | ||
13 | nosound | ||
diff --git a/etc/unrar.profile b/etc/unrar.profile new file mode 100644 index 000000000..ccd144699 --- /dev/null +++ b/etc/unrar.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # unrar profile | ||
2 | include /etc/firejail/default.profile | ||
3 | |||
4 | tracelog | ||
5 | net none | ||
6 | shell none | ||
7 | private-bin unrar | ||
8 | private-dev | ||
9 | private-etc passwd,group,localtime | ||
10 | hostname unrar | ||
11 | nosound | ||
diff --git a/etc/unzip.profile b/etc/unzip.profile new file mode 100644 index 000000000..d4862004c --- /dev/null +++ b/etc/unzip.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # unzip profile | ||
2 | include /etc/firejail/default.profile | ||
3 | |||
4 | tracelog | ||
5 | net none | ||
6 | shell none | ||
7 | private-bin unzip | ||
8 | private-dev | ||
9 | private-etc passwd,group,localtime | ||
10 | hostname unzip | ||
11 | nosound | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 5367edfe5..76ca9d44e 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -36,6 +36,7 @@ | |||
36 | /etc/firejail/epiphany.profile | 36 | /etc/firejail/epiphany.profile |
37 | /etc/firejail/evince.profile | 37 | /etc/firejail/evince.profile |
38 | /etc/firejail/fbreader.profile | 38 | /etc/firejail/fbreader.profile |
39 | /etc/firejail/file.profile | ||
39 | /etc/firejail/filezilla.profile | 40 | /etc/firejail/filezilla.profile |
40 | /etc/firejail/firefox-esr.profile | 41 | /etc/firejail/firefox-esr.profile |
41 | /etc/firejail/firefox.profile | 42 | /etc/firejail/firefox.profile |
@@ -50,6 +51,7 @@ | |||
50 | /etc/firejail/google-chrome.profile | 51 | /etc/firejail/google-chrome.profile |
51 | /etc/firejail/google-play-music-desktop-player.profile | 52 | /etc/firejail/google-play-music-desktop-player.profile |
52 | /etc/firejail/gpredict.profile | 53 | /etc/firejail/gpredict.profile |
54 | /etc/firejail/gtar.profile | ||
53 | /etc/firejail/gthumb.profile | 55 | /etc/firejail/gthumb.profile |
54 | /etc/firejail/gwenview.profile | 56 | /etc/firejail/gwenview.profile |
55 | /etc/firejail/gzip.profile | 57 | /etc/firejail/gzip.profile |
@@ -108,6 +110,7 @@ | |||
108 | /etc/firejail/steam.profile | 110 | /etc/firejail/steam.profile |
109 | /etc/firejail/stellarium.profile | 111 | /etc/firejail/stellarium.profile |
110 | /etc/firejail/strings.profile | 112 | /etc/firejail/strings.profile |
113 | /etc/firejail/tar.profile | ||
111 | /etc/firejail/telegram.profile | 114 | /etc/firejail/telegram.profile |
112 | /etc/firejail/thunderbird.profile | 115 | /etc/firejail/thunderbird.profile |
113 | /etc/firejail/totem.profile | 116 | /etc/firejail/totem.profile |
@@ -115,6 +118,8 @@ | |||
115 | /etc/firejail/transmission-qt.profile | 118 | /etc/firejail/transmission-qt.profile |
116 | /etc/firejail/uget-gtk.profile | 119 | /etc/firejail/uget-gtk.profile |
117 | /etc/firejail/unbound.profile | 120 | /etc/firejail/unbound.profile |
121 | /etc/firejail/unrar.profile | ||
122 | /etc/firejail/unzip.profile | ||
118 | /etc/firejail/uudeview.profile | 123 | /etc/firejail/uudeview.profile |
119 | /etc/firejail/vivaldi-beta.profile | 124 | /etc/firejail/vivaldi-beta.profile |
120 | /etc/firejail/vivaldi.profile | 125 | /etc/firejail/vivaldi.profile |