diff options
-rw-r--r-- | README | 14 | ||||
-rw-r--r-- | etc/0ad.profile | 3 | ||||
-rw-r--r-- | etc/2048-qt.profile | 4 | ||||
-rw-r--r-- | etc/calibre.profile | 4 | ||||
-rw-r--r-- | etc/cherrytree.profile | 3 | ||||
-rw-r--r-- | etc/eom.profile | 3 | ||||
-rw-r--r-- | etc/evince.profile | 3 | ||||
-rw-r--r-- | etc/gnome-chess.profile | 4 | ||||
-rw-r--r-- | etc/gnome-contacts.profile | 3 | ||||
-rw-r--r-- | etc/hexchat.profile | 3 | ||||
-rw-r--r-- | etc/leafpad.profile | 3 | ||||
-rw-r--r-- | etc/mousepad.profile | 1 | ||||
-rw-r--r-- | etc/ping.profile | 3 | ||||
-rw-r--r-- | etc/pinta.profile | 3 | ||||
-rw-r--r-- | etc/sol.profile | 3 | ||||
-rw-r--r-- | etc/virtualbox.profile | 1 | ||||
-rw-r--r-- | etc/warzone2100.profile | 1 | ||||
-rw-r--r-- | etc/wget.profile | 3 | ||||
-rw-r--r-- | etc/xcalc.profile | 3 |
19 files changed, 32 insertions, 33 deletions
@@ -49,6 +49,8 @@ Committers | |||
49 | 49 | ||
50 | Firejail Authors (alphabetical order) | 50 | Firejail Authors (alphabetical order) |
51 | 51 | ||
52 | 7twin (https://github.com/7twin_ | ||
53 | - fix typos | ||
52 | 1dnrr (https://github.com/1dnrr) | 54 | 1dnrr (https://github.com/1dnrr) |
53 | - add pybitmessage profile | 55 | - add pybitmessage profile |
54 | Aidan Gauland (https://github.com/aidalgol) | 56 | Aidan Gauland (https://github.com/aidalgol) |
@@ -439,6 +441,7 @@ n1trux (https://github.com/n1trux) | |||
439 | - fix flashpeak-slimjet profile typos | 441 | - fix flashpeak-slimjet profile typos |
440 | Nick Fox (https://github.com/njfox) | 442 | Nick Fox (https://github.com/njfox) |
441 | - add a profile alias for code-oss | 443 | - add a profile alias for code-oss |
444 | - add code-oss config directory | ||
442 | NickMolloy (https://github.com/NickMolloy) | 445 | NickMolloy (https://github.com/NickMolloy) |
443 | - ARP address length fix | 446 | - ARP address length fix |
444 | Niklas Haas (https://github.com/haasn) | 447 | Niklas Haas (https://github.com/haasn) |
@@ -450,6 +453,7 @@ Ondra Nekola (https://github.com/satai) | |||
450 | Lorenzo "Palinuro" Faletra (https://github.com/PalinuroSec) | 453 | Lorenzo "Palinuro" Faletra (https://github.com/PalinuroSec) |
451 | - prevent thunderbird conflicts when firefox is running | 454 | - prevent thunderbird conflicts when firefox is running |
452 | - add join-or-start to pluma to open multiple files in tabs | 455 | - add join-or-start to pluma to open multiple files in tabs |
456 | - fixes to keepassxc, thunderbird and pluma | ||
453 | Panzerfather (https://github.com/Panzerfather) | 457 | Panzerfather (https://github.com/Panzerfather) |
454 | - allow eog to access user's trash | 458 | - allow eog to access user's trash |
455 | Patrick Toomey (https://sourceforge.net/u/ptoomey/profile/) | 459 | Patrick Toomey (https://sourceforge.net/u/ptoomey/profile/) |
@@ -478,6 +482,8 @@ Petter Reinholdtsen (pere@hungry.com) | |||
478 | PharmaceuticalCobweb (https://github.com/PharmaceuticalCobweb) | 482 | PharmaceuticalCobweb (https://github.com/PharmaceuticalCobweb) |
479 | - fix quiterss profile | 483 | - fix quiterss profile |
480 | - added profile for gnome-ring | 484 | - added profile for gnome-ring |
485 | pianoslum (https://github.com/pianoslum) | ||
486 | - nodbus breaking evince two-page-view warning | ||
481 | pirate486743186 (https://github.com/pirate486743186) | 487 | pirate486743186 (https://github.com/pirate486743186) |
482 | - KMail profile | 488 | - KMail profile |
483 | - mpsyt profile | 489 | - mpsyt profile |
@@ -553,6 +559,8 @@ sarneaud (https://github.com/sarneaud) | |||
553 | - various enhancements and bug fixes | 559 | - various enhancements and bug fixes |
554 | Sergey Alirzaev (https://github.com/l29ah) | 560 | Sergey Alirzaev (https://github.com/l29ah) |
555 | - firejail.h enum fix | 561 | - firejail.h enum fix |
562 | Tobias Schmidl (https://github.com/schtobia) | ||
563 | - added profile for webui-aria2 | ||
556 | Simon Peter (https://github.com/probonopd) | 564 | Simon Peter (https://github.com/probonopd) |
557 | - set $APPIMAGE and $APPDIR environment variables | 565 | - set $APPIMAGE and $APPDIR environment variables |
558 | - AppImage version detection | 566 | - AppImage version detection |
@@ -715,6 +723,12 @@ veloute (https://github.com/veloute) | |||
715 | - fixed discord profile | 723 | - fixed discord profile |
716 | - fixes for various profiles | 724 | - fixes for various profiles |
717 | - removed vim and ranger from firecfg | 725 | - removed vim and ranger from firecfg |
726 | - fixing keepassxc auto-type, noexec /tmp | ||
727 | - fix ipc-namespace prblem in file-roller | ||
728 | - fix exiftool, viewnior, aria2c, ffmpegthumbnailer | ||
729 | - fix pavucontrol (ipcnamespace) | ||
730 | - fix gnuchess | ||
731 | - add anki profile | ||
718 | Vincent43 (https://github.com/Vincent43) | 732 | Vincent43 (https://github.com/Vincent43) |
719 | - apparmor enhancements | 733 | - apparmor enhancements |
720 | vismir2 (https://github.com/vismir2) | 734 | vismir2 (https://github.com/vismir2) |
diff --git a/etc/0ad.profile b/etc/0ad.profile index 674fb2c6a..88c9c453b 100644 --- a/etc/0ad.profile +++ b/etc/0ad.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.local/share/0ad | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-bin 0ad,pyrogenesis,sh,which | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile index 10f354f19..2347039a6 100644 --- a/etc/2048-qt.profile +++ b/etc/2048-qt.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/xiaoyong | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -39,6 +40,3 @@ shell none | |||
39 | disable-mnt | 40 | disable-mnt |
40 | private-dev | 41 | private-dev |
41 | private-tmp | 42 | private-tmp |
42 | |||
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/calibre.profile b/etc/calibre.profile index 5c7d3e1e7..363e9191d 100644 --- a/etc/calibre.profile +++ b/etc/calibre.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${DOCUMENTS} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
17 | include disable-xdg.inc | 18 | include disable-xdg.inc |
@@ -36,6 +37,3 @@ tracelog | |||
36 | 37 | ||
37 | private-dev | 38 | private-dev |
38 | private-tmp | 39 | private-tmp |
39 | |||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index 22bda418a..44ef12aa2 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -44,5 +45,3 @@ private-cache | |||
44 | private-dev | 45 | private-dev |
45 | private-tmp | 46 | private-tmp |
46 | 47 | ||
47 | noexec ${HOME} | ||
48 | noexec /tmp | ||
diff --git a/etc/eom.profile b/etc/eom.profile index a6007f99c..745e650aa 100644 --- a/etc/eom.profile +++ b/etc/eom.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.steam | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -43,5 +44,3 @@ private-lib | |||
43 | private-tmp | 44 | private-tmp |
44 | 45 | ||
45 | #memory-deny-write-execute - breaks on Arch | 46 | #memory-deny-write-execute - breaks on Arch |
46 | noexec ${HOME} | ||
47 | noexec /tmp | ||
diff --git a/etc/evince.profile b/etc/evince.profile index 27b59506b..b1f984784 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${DOCUMENTS} | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 17 | include disable-programs.inc |
@@ -46,5 +47,3 @@ private-lib evince,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libdjvulibre.so.*,li | |||
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
48 | # memory-deny-write-execute - might break application (https://github.com/netblue30/firejail/issues/1803) | 49 | # memory-deny-write-execute - might break application (https://github.com/netblue30/firejail/issues/1803) |
49 | noexec ${HOME} | ||
50 | noexec /tmp | ||
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile index dc5b62428..ed159fc82 100644 --- a/etc/gnome-chess.profile +++ b/etc/gnome-chess.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.local/share/gnome-chess | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.iinc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -37,6 +38,3 @@ private-bin fairymax,gnome-chess,hoichess,gnuchess | |||
37 | private-dev | 38 | private-dev |
38 | private-etc alternatives,fonts,gnome-chess | 39 | private-etc alternatives,fonts,gnome-chess |
39 | private-tmp | 40 | private-tmp |
40 | |||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile index 2a13b3b27..ac6d82451 100644 --- a/etc/gnome-contacts.profile +++ b/etc/gnome-contacts.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${DOCUMENTS} | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -35,5 +36,3 @@ disable-mnt | |||
35 | private-dev | 36 | private-dev |
36 | private-tmp | 37 | private-tmp |
37 | 38 | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/hexchat.profile b/etc/hexchat.profile index e8abf4b31..ee70e6655 100644 --- a/etc/hexchat.profile +++ b/etc/hexchat.profile | |||
@@ -19,6 +19,7 @@ noblacklist /usr/local/lib/python3* | |||
19 | 19 | ||
20 | include disable-common.inc | 20 | include disable-common.inc |
21 | include disable-devel.inc | 21 | include disable-devel.inc |
22 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
23 | include disable-passwdmgr.inc | 24 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 25 | include disable-programs.inc |
@@ -53,5 +54,3 @@ private-dev | |||
53 | private-tmp | 54 | private-tmp |
54 | 55 | ||
55 | # memory-deny-write-execute - breaks python | 56 | # memory-deny-write-execute - breaks python |
56 | noexec ${HOME} | ||
57 | noexec /tmp | ||
diff --git a/etc/leafpad.profile b/etc/leafpad.profile index 47ea5606a..56a792c8e 100644 --- a/etc/leafpad.profile +++ b/etc/leafpad.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/leafpad | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
@@ -36,5 +37,3 @@ private-dev | |||
36 | private-lib | 37 | private-lib |
37 | private-tmp | 38 | private-tmp |
38 | 39 | ||
39 | noexec ${HOME} | ||
40 | noexec /tmp | ||
diff --git a/etc/mousepad.profile b/etc/mousepad.profile index 4500f74a5..3b9807b28 100644 --- a/etc/mousepad.profile +++ b/etc/mousepad.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.config/Mousepad | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
diff --git a/etc/ping.profile b/etc/ping.profile index bdd29c1a1..66574bab5 100644 --- a/etc/ping.profile +++ b/etc/ping.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | include disable-devel.inc | 10 | include disable-devel.inc |
11 | include disable-exec.inc | ||
11 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
12 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
13 | include disable-programs.inc | 14 | include disable-programs.inc |
@@ -46,5 +47,3 @@ private-tmp | |||
46 | 47 | ||
47 | # memory-deny-write-execute is built using seccomp; nonewprivs will kill it | 48 | # memory-deny-write-execute is built using seccomp; nonewprivs will kill it |
48 | #memory-deny-write-execute | 49 | #memory-deny-write-execute |
49 | noexec ${HOME} | ||
50 | noexec /tmp | ||
diff --git a/etc/pinta.profile b/etc/pinta.profile index 3dfe3cc1b..8151bc98f 100644 --- a/etc/pinta.profile +++ b/etc/pinta.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${PICTURES} | |||
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
@@ -37,5 +38,3 @@ private-dev | |||
37 | private-cache | 38 | private-cache |
38 | private-tmp | 39 | private-tmp |
39 | 40 | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/sol.profile b/etc/sol.profile index c194eed05..ea1620b31 100644 --- a/etc/sol.profile +++ b/etc/sol.profile | |||
@@ -7,6 +7,7 @@ include globals.local | |||
7 | 7 | ||
8 | include disable-common.inc | 8 | include disable-common.inc |
9 | include disable-devel.inc | 9 | include disable-devel.inc |
10 | include disable-exec.inc | ||
10 | include disable-interpreters.inc | 11 | include disable-interpreters.inc |
11 | include disable-passwdmgr.inc | 12 | include disable-passwdmgr.inc |
12 | include disable-programs.inc | 13 | include disable-programs.inc |
@@ -40,5 +41,3 @@ private-dev | |||
40 | private-tmp | 41 | private-tmp |
41 | 42 | ||
42 | # memory-deny-write-execute | 43 | # memory-deny-write-execute |
43 | noexec ${HOME} | ||
44 | noexec /tmp | ||
diff --git a/etc/virtualbox.profile b/etc/virtualbox.profile index 1ef44dd5c..45f9949f3 100644 --- a/etc/virtualbox.profile +++ b/etc/virtualbox.profile | |||
@@ -14,6 +14,7 @@ noblacklist /usr/lib/virtualbox | |||
14 | noblacklist /usr/lib64/virtualbox | 14 | noblacklist /usr/lib64/virtualbox |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-exec.inc | ||
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
19 | 20 | ||
diff --git a/etc/warzone2100.profile b/etc/warzone2100.profile index 816f2236c..85cbc5e43 100644 --- a/etc/warzone2100.profile +++ b/etc/warzone2100.profile | |||
@@ -10,6 +10,7 @@ noblacklist ${HOME}/.warzone2100-3.* | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | ||
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 16 | include disable-programs.inc |
diff --git a/etc/wget.profile b/etc/wget.profile index c0a6f0d21..a7ef32e2c 100644 --- a/etc/wget.profile +++ b/etc/wget.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.wget-hsts | |||
13 | noblacklist ${HOME}/.wgetrc | 13 | noblacklist ${HOME}/.wgetrc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-exec.inc | ||
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 18 | include disable-programs.inc |
18 | 19 | ||
@@ -38,5 +39,3 @@ private-dev | |||
38 | # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies | 39 | # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies |
39 | # private-tmp | 40 | # private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||
diff --git a/etc/xcalc.profile b/etc/xcalc.profile index 1941787b1..0ad423d30 100644 --- a/etc/xcalc.profile +++ b/etc/xcalc.profile | |||
@@ -7,6 +7,7 @@ include globals.local | |||
7 | 7 | ||
8 | include disable-common.inc | 8 | include disable-common.inc |
9 | include disable-devel.inc | 9 | include disable-devel.inc |
10 | include disable-exec.inc | ||
10 | include disable-interpreters.inc | 11 | include disable-interpreters.inc |
11 | include disable-passwdmgr.inc | 12 | include disable-passwdmgr.inc |
12 | include disable-programs.inc | 13 | include disable-programs.inc |
@@ -38,5 +39,3 @@ private-dev | |||
38 | private-lib | 39 | private-lib |
39 | private-tmp | 40 | private-tmp |
40 | 41 | ||
41 | noexec ${HOME} | ||
42 | noexec /tmp | ||