aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2019-04-07 21:19:49 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2019-04-07 21:19:49 -0400
commitd2e7377e89412df02d8f8e62ad8d7c28ec861aed (patch)
treeb76097ebb285979e5923f74a90986e19c4524f3d
parentAdd note about firejail-profiles to issues instructions (diff)
downloadfirejail-d2e7377e89412df02d8f8e62ad8d7c28ec861aed.tar.gz
firejail-d2e7377e89412df02d8f8e62ad8d7c28ec861aed.tar.zst
firejail-d2e7377e89412df02d8f8e62ad8d7c28ec861aed.zip
adding disable-exec.inc to more profiles
Diffstat
-rw-r--r--README14
-rw-r--r--etc/0ad.profile3
-rw-r--r--etc/2048-qt.profile4
-rw-r--r--etc/calibre.profile4
-rw-r--r--etc/cherrytree.profile3
-rw-r--r--etc/eom.profile3
-rw-r--r--etc/evince.profile3
-rw-r--r--etc/gnome-chess.profile4
-rw-r--r--etc/gnome-contacts.profile3
-rw-r--r--etc/hexchat.profile3
-rw-r--r--etc/leafpad.profile3
-rw-r--r--etc/mousepad.profile1
-rw-r--r--etc/ping.profile3
-rw-r--r--etc/pinta.profile3
-rw-r--r--etc/sol.profile3
-rw-r--r--etc/virtualbox.profile1
-rw-r--r--etc/warzone2100.profile1
-rw-r--r--etc/wget.profile3
-rw-r--r--etc/xcalc.profile3
19 files changed, 32 insertions, 33 deletions
diff --git a/README b/README
index 71dac1fd4..d41ae967a 100644
--- a/README
+++ b/README
@@ -49,6 +49,8 @@ Committers
49 49
50Firejail Authors (alphabetical order) 50Firejail Authors (alphabetical order)
51 51
527twin (https://github.com/7twin_
53 - fix typos
521dnrr (https://github.com/1dnrr) 541dnrr (https://github.com/1dnrr)
53 - add pybitmessage profile 55 - add pybitmessage profile
54Aidan Gauland (https://github.com/aidalgol) 56Aidan Gauland (https://github.com/aidalgol)
@@ -439,6 +441,7 @@ n1trux (https://github.com/n1trux)
439 - fix flashpeak-slimjet profile typos 441 - fix flashpeak-slimjet profile typos
440Nick Fox (https://github.com/njfox) 442Nick Fox (https://github.com/njfox)
441 - add a profile alias for code-oss 443 - add a profile alias for code-oss
444 - add code-oss config directory
442NickMolloy (https://github.com/NickMolloy) 445NickMolloy (https://github.com/NickMolloy)
443 - ARP address length fix 446 - ARP address length fix
444Niklas Haas (https://github.com/haasn) 447Niklas Haas (https://github.com/haasn)
@@ -450,6 +453,7 @@ Ondra Nekola (https://github.com/satai)
450Lorenzo "Palinuro" Faletra (https://github.com/PalinuroSec) 453Lorenzo "Palinuro" Faletra (https://github.com/PalinuroSec)
451 - prevent thunderbird conflicts when firefox is running 454 - prevent thunderbird conflicts when firefox is running
452 - add join-or-start to pluma to open multiple files in tabs 455 - add join-or-start to pluma to open multiple files in tabs
456 - fixes to keepassxc, thunderbird and pluma
453Panzerfather (https://github.com/Panzerfather) 457Panzerfather (https://github.com/Panzerfather)
454 - allow eog to access user's trash 458 - allow eog to access user's trash
455Patrick Toomey (https://sourceforge.net/u/ptoomey/profile/) 459Patrick Toomey (https://sourceforge.net/u/ptoomey/profile/)
@@ -478,6 +482,8 @@ Petter Reinholdtsen (pere@hungry.com)
478PharmaceuticalCobweb (https://github.com/PharmaceuticalCobweb) 482PharmaceuticalCobweb (https://github.com/PharmaceuticalCobweb)
479 - fix quiterss profile 483 - fix quiterss profile
480 - added profile for gnome-ring 484 - added profile for gnome-ring
485pianoslum (https://github.com/pianoslum)
486 - nodbus breaking evince two-page-view warning
481pirate486743186 (https://github.com/pirate486743186) 487pirate486743186 (https://github.com/pirate486743186)
482 - KMail profile 488 - KMail profile
483 - mpsyt profile 489 - mpsyt profile
@@ -553,6 +559,8 @@ sarneaud (https://github.com/sarneaud)
553 - various enhancements and bug fixes 559 - various enhancements and bug fixes
554Sergey Alirzaev (https://github.com/l29ah) 560Sergey Alirzaev (https://github.com/l29ah)
555 - firejail.h enum fix 561 - firejail.h enum fix
562Tobias Schmidl (https://github.com/schtobia)
563 - added profile for webui-aria2
556Simon Peter (https://github.com/probonopd) 564Simon Peter (https://github.com/probonopd)
557 - set $APPIMAGE and $APPDIR environment variables 565 - set $APPIMAGE and $APPDIR environment variables
558 - AppImage version detection 566 - AppImage version detection
@@ -715,6 +723,12 @@ veloute (https://github.com/veloute)
715 - fixed discord profile 723 - fixed discord profile
716 - fixes for various profiles 724 - fixes for various profiles
717 - removed vim and ranger from firecfg 725 - removed vim and ranger from firecfg
726 - fixing keepassxc auto-type, noexec /tmp
727 - fix ipc-namespace prblem in file-roller
728 - fix exiftool, viewnior, aria2c, ffmpegthumbnailer
729 - fix pavucontrol (ipcnamespace)
730 - fix gnuchess
731 - add anki profile
718Vincent43 (https://github.com/Vincent43) 732Vincent43 (https://github.com/Vincent43)
719 - apparmor enhancements 733 - apparmor enhancements
720vismir2 (https://github.com/vismir2) 734vismir2 (https://github.com/vismir2)
diff --git a/etc/0ad.profile b/etc/0ad.profile
index 674fb2c6a..88c9c453b 100644
--- a/etc/0ad.profile
+++ b/etc/0ad.profile
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/0ad
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
15include disable-exec.inc
15include disable-interpreters.inc 16include disable-interpreters.inc
16include disable-passwdmgr.inc 17include disable-passwdmgr.inc
17include disable-programs.inc 18include disable-programs.inc
@@ -44,5 +45,3 @@ private-bin 0ad,pyrogenesis,sh,which
44private-dev 45private-dev
45private-tmp 46private-tmp
46 47
47noexec ${HOME}
48noexec /tmp
diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile
index 10f354f19..2347039a6 100644
--- a/etc/2048-qt.profile
+++ b/etc/2048-qt.profile
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/xiaoyong
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
14include disable-exec.inc
14include disable-interpreters.inc 15include disable-interpreters.inc
15include disable-passwdmgr.inc 16include disable-passwdmgr.inc
16include disable-programs.inc 17include disable-programs.inc
@@ -39,6 +40,3 @@ shell none
39disable-mnt 40disable-mnt
40private-dev 41private-dev
41private-tmp 42private-tmp
42
43noexec ${HOME}
44noexec /tmp
diff --git a/etc/calibre.profile b/etc/calibre.profile
index 5c7d3e1e7..363e9191d 100644
--- a/etc/calibre.profile
+++ b/etc/calibre.profile
@@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
15include disable-exec.inc
15include disable-passwdmgr.inc 16include disable-passwdmgr.inc
16include disable-programs.inc 17include disable-programs.inc
17include disable-xdg.inc 18include disable-xdg.inc
@@ -36,6 +37,3 @@ tracelog
36 37
37private-dev 38private-dev
38private-tmp 39private-tmp
39
40noexec ${HOME}
41noexec /tmp
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile
index 22bda418a..44ef12aa2 100644
--- a/etc/cherrytree.profile
+++ b/etc/cherrytree.profile
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3*
19 19
20include disable-common.inc 20include disable-common.inc
21include disable-devel.inc 21include disable-devel.inc
22include disable-exec.inc
22include disable-interpreters.inc 23include disable-interpreters.inc
23include disable-passwdmgr.inc 24include disable-passwdmgr.inc
24include disable-programs.inc 25include disable-programs.inc
@@ -44,5 +45,3 @@ private-cache
44private-dev 45private-dev
45private-tmp 46private-tmp
46 47
47noexec ${HOME}
48noexec /tmp
diff --git a/etc/eom.profile b/etc/eom.profile
index a6007f99c..745e650aa 100644
--- a/etc/eom.profile
+++ b/etc/eom.profile
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.steam
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
16include disable-exec.inc
16include disable-interpreters.inc 17include disable-interpreters.inc
17include disable-passwdmgr.inc 18include disable-passwdmgr.inc
18include disable-programs.inc 19include disable-programs.inc
@@ -43,5 +44,3 @@ private-lib
43private-tmp 44private-tmp
44 45
45#memory-deny-write-execute - breaks on Arch 46#memory-deny-write-execute - breaks on Arch
46noexec ${HOME}
47noexec /tmp
diff --git a/etc/evince.profile b/etc/evince.profile
index 27b59506b..b1f984784 100644
--- a/etc/evince.profile
+++ b/etc/evince.profile
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
14include disable-exec.inc
14include disable-interpreters.inc 15include disable-interpreters.inc
15include disable-passwdmgr.inc 16include disable-passwdmgr.inc
16include disable-programs.inc 17include disable-programs.inc
@@ -46,5 +47,3 @@ private-lib evince,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libdjvulibre.so.*,li
46private-tmp 47private-tmp
47 48
48# memory-deny-write-execute - might break application (https://github.com/netblue30/firejail/issues/1803) 49# memory-deny-write-execute - might break application (https://github.com/netblue30/firejail/issues/1803)
49noexec ${HOME}
50noexec /tmp
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile
index dc5b62428..ed159fc82 100644
--- a/etc/gnome-chess.profile
+++ b/etc/gnome-chess.profile
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/gnome-chess
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
13include disable-exec.iinc
13include disable-interpreters.inc 14include disable-interpreters.inc
14include disable-passwdmgr.inc 15include disable-passwdmgr.inc
15include disable-programs.inc 16include disable-programs.inc
@@ -37,6 +38,3 @@ private-bin fairymax,gnome-chess,hoichess,gnuchess
37private-dev 38private-dev
38private-etc alternatives,fonts,gnome-chess 39private-etc alternatives,fonts,gnome-chess
39private-tmp 40private-tmp
40
41noexec ${HOME}
42noexec /tmp
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile
index 2a13b3b27..ac6d82451 100644
--- a/etc/gnome-contacts.profile
+++ b/etc/gnome-contacts.profile
@@ -10,6 +10,7 @@ noblacklist ${DOCUMENTS}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
13include disable-exec.inc
13include disable-interpreters.inc 14include disable-interpreters.inc
14include disable-passwdmgr.inc 15include disable-passwdmgr.inc
15include disable-programs.inc 16include disable-programs.inc
@@ -35,5 +36,3 @@ disable-mnt
35private-dev 36private-dev
36private-tmp 37private-tmp
37 38
38noexec ${HOME}
39noexec /tmp
diff --git a/etc/hexchat.profile b/etc/hexchat.profile
index e8abf4b31..ee70e6655 100644
--- a/etc/hexchat.profile
+++ b/etc/hexchat.profile
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3*
19 19
20include disable-common.inc 20include disable-common.inc
21include disable-devel.inc 21include disable-devel.inc
22include disable-exec.inc
22include disable-interpreters.inc 23include disable-interpreters.inc
23include disable-passwdmgr.inc 24include disable-passwdmgr.inc
24include disable-programs.inc 25include disable-programs.inc
@@ -53,5 +54,3 @@ private-dev
53private-tmp 54private-tmp
54 55
55# memory-deny-write-execute - breaks python 56# memory-deny-write-execute - breaks python
56noexec ${HOME}
57noexec /tmp
diff --git a/etc/leafpad.profile b/etc/leafpad.profile
index 47ea5606a..56a792c8e 100644
--- a/etc/leafpad.profile
+++ b/etc/leafpad.profile
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/leafpad
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
13include disable-exec.inc
13include disable-interpreters.inc 14include disable-interpreters.inc
14include disable-passwdmgr.inc 15include disable-passwdmgr.inc
15include disable-programs.inc 16include disable-programs.inc
@@ -36,5 +37,3 @@ private-dev
36private-lib 37private-lib
37private-tmp 38private-tmp
38 39
39noexec ${HOME}
40noexec /tmp
diff --git a/etc/mousepad.profile b/etc/mousepad.profile
index 4500f74a5..3b9807b28 100644
--- a/etc/mousepad.profile
+++ b/etc/mousepad.profile
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Mousepad
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
13include disable-exec.inc
13include disable-interpreters.inc 14include disable-interpreters.inc
14include disable-passwdmgr.inc 15include disable-passwdmgr.inc
15include disable-programs.inc 16include disable-programs.inc
diff --git a/etc/ping.profile b/etc/ping.profile
index bdd29c1a1..66574bab5 100644
--- a/etc/ping.profile
+++ b/etc/ping.profile
@@ -8,6 +8,7 @@ include globals.local
8 8
9include disable-common.inc 9include disable-common.inc
10include disable-devel.inc 10include disable-devel.inc
11include disable-exec.inc
11include disable-interpreters.inc 12include disable-interpreters.inc
12include disable-passwdmgr.inc 13include disable-passwdmgr.inc
13include disable-programs.inc 14include disable-programs.inc
@@ -46,5 +47,3 @@ private-tmp
46 47
47# memory-deny-write-execute is built using seccomp; nonewprivs will kill it 48# memory-deny-write-execute is built using seccomp; nonewprivs will kill it
48#memory-deny-write-execute 49#memory-deny-write-execute
49noexec ${HOME}
50noexec /tmp
diff --git a/etc/pinta.profile b/etc/pinta.profile
index 3dfe3cc1b..8151bc98f 100644
--- a/etc/pinta.profile
+++ b/etc/pinta.profile
@@ -12,6 +12,7 @@ noblacklist ${PICTURES}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
15include disable-exec.inc
15include disable-interpreters.inc 16include disable-interpreters.inc
16include disable-passwdmgr.inc 17include disable-passwdmgr.inc
17include disable-programs.inc 18include disable-programs.inc
@@ -37,5 +38,3 @@ private-dev
37private-cache 38private-cache
38private-tmp 39private-tmp
39 40
40noexec ${HOME}
41noexec /tmp
diff --git a/etc/sol.profile b/etc/sol.profile
index c194eed05..ea1620b31 100644
--- a/etc/sol.profile
+++ b/etc/sol.profile
@@ -7,6 +7,7 @@ include globals.local
7 7
8include disable-common.inc 8include disable-common.inc
9include disable-devel.inc 9include disable-devel.inc
10include disable-exec.inc
10include disable-interpreters.inc 11include disable-interpreters.inc
11include disable-passwdmgr.inc 12include disable-passwdmgr.inc
12include disable-programs.inc 13include disable-programs.inc
@@ -40,5 +41,3 @@ private-dev
40private-tmp 41private-tmp
41 42
42# memory-deny-write-execute 43# memory-deny-write-execute
43noexec ${HOME}
44noexec /tmp
diff --git a/etc/virtualbox.profile b/etc/virtualbox.profile
index 1ef44dd5c..45f9949f3 100644
--- a/etc/virtualbox.profile
+++ b/etc/virtualbox.profile
@@ -14,6 +14,7 @@ noblacklist /usr/lib/virtualbox
14noblacklist /usr/lib64/virtualbox 14noblacklist /usr/lib64/virtualbox
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-exec.inc
17include disable-passwdmgr.inc 18include disable-passwdmgr.inc
18include disable-programs.inc 19include disable-programs.inc
19 20
diff --git a/etc/warzone2100.profile b/etc/warzone2100.profile
index 816f2236c..85cbc5e43 100644
--- a/etc/warzone2100.profile
+++ b/etc/warzone2100.profile
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.warzone2100-3.*
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
13include disable-exec.inc
13include disable-interpreters.inc 14include disable-interpreters.inc
14include disable-passwdmgr.inc 15include disable-passwdmgr.inc
15include disable-programs.inc 16include disable-programs.inc
diff --git a/etc/wget.profile b/etc/wget.profile
index c0a6f0d21..a7ef32e2c 100644
--- a/etc/wget.profile
+++ b/etc/wget.profile
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.wget-hsts
13noblacklist ${HOME}/.wgetrc 13noblacklist ${HOME}/.wgetrc
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-exec.inc
16include disable-passwdmgr.inc 17include disable-passwdmgr.inc
17include disable-programs.inc 18include disable-programs.inc
18 19
@@ -38,5 +39,3 @@ private-dev
38# private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies 39# private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies
39# private-tmp 40# private-tmp
40 41
41noexec ${HOME}
42noexec /tmp
diff --git a/etc/xcalc.profile b/etc/xcalc.profile
index 1941787b1..0ad423d30 100644
--- a/etc/xcalc.profile
+++ b/etc/xcalc.profile
@@ -7,6 +7,7 @@ include globals.local
7 7
8include disable-common.inc 8include disable-common.inc
9include disable-devel.inc 9include disable-devel.inc
10include disable-exec.inc
10include disable-interpreters.inc 11include disable-interpreters.inc
11include disable-passwdmgr.inc 12include disable-passwdmgr.inc
12include disable-programs.inc 13include disable-programs.inc
@@ -38,5 +39,3 @@ private-dev
38private-lib 39private-lib
39private-tmp 40private-tmp
40 41
41noexec ${HOME}
42noexec /tmp
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-30 14:33:11 +0000