summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* Update pull_request_template.mdLibravatar rusty-snake2019-07-28
|
* fix ghostwriterLibravatar rusty-snake2019-07-28
|
* fix private-tmp/pam-tmpdir interaction - #2685Libravatar smitsohu2019-07-27
|
* update version tableLibravatar Reiner Herrmann2019-07-26
|
* Remove private-cache from unzipLibravatar glitsj162019-07-26
| | | The `private-cache` option breaks electron related builds (see [this](https://github.com/minbrowser/min/issues/793) for an example).
* fix file-roller.profileLibravatar rusty-snake2019-07-25
|
* update private-bin for tbbLibravatar rusty-snake2019-07-25
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-07-25
|\
| * fix make scan-build for debian 10 and archLibravatar netblue302019-07-22
| |
| * fix make cppcheck for debian 10Libravatar netblue302019-07-22
| |
| * snap cleanup - #2865Libravatar netblue302019-07-22
| |
| * Update syscalls.txtLibravatar rusty-snake2019-07-22
| | | | | | | | | | | | * remove mincore * add @default without chroot * add @default-nodebuggers without chroot
* | fix whitelisting for homedirs outside /homeLibravatar smitsohu2019-07-25
| |
* | fix verbosity for non-authorized userLibravatar smitsohu2019-07-22
|/ | | | | | users not in firejail.users should only see the error, not the symlink warning. Also exposes less code to non- authorized users.
* mergesLibravatar rusty-snake2019-07-18
|
* fix gucharmap & add gnome-characters, gnome-character-mapLibravatar rusty-snake2019-07-18
|
* use allow-debuggers in spectre-meltdown-checkerLibravatar rusty-snake2019-07-18
|
* Harden gnome-scheduleLibravatar glitsj162019-07-18
| | | Let's disable using a terminal for cron job testing by default and make this a whitelist profile.
* travis ci: add enable-fatal-warningsLibravatar smitsohu2019-07-18
|
* document profile support for allow-debuggers in firejail-profile man page ↵Libravatar Sebastian Hafner2019-07-17
| | | | (#2861)
* faudit: fix gcc stringop-truncation warningLibravatar smitsohu2019-07-17
|
* packaging badgeLibravatar netblue302019-07-16
|
* apparmor: minor improvementsLibravatar Vincent432019-07-16
| | | | | | | Use @{PID} consistently. Remove 'deny /proc/** w,' suggestion as it will break all whitelisted entries.
* check for dir existence before private-* mountLibravatar smitsohu2019-07-16
| | | fixes #2859
* profile support for allow-debuggers (#2856)Libravatar Sebastian Hafner2019-07-15
|
* apparmor: allow writing to /proc/@{PID}/commLibravatar Vincent432019-07-14
| | | | | | This is needed by various electron apps, see: https://github.com/netblue30/firejail/issues/2538 https://github.com/netblue30/firejail/issues/2854
* homedirs: turn "informational error" into warningLibravatar smitsohu2019-07-14
|
* don't allow root directory as homeLibravatar smitsohu2019-07-14
|
* Merge pull request #2858 from veloute/sn-fixLibravatar veloute2019-07-13
|\ | | | | fix seccomp issues with standardnotes-desktop. see issue #2854
| * issues with electron-based apps. see issue #2854Libravatar veloute2019-07-13
|/
* update version tableLibravatar Reiner Herrmann2019-07-13
|
* uniformly mask /home in all private home optionsLibravatar smitsohu2019-07-12
|
* private-home: remove redundancyLibravatar smitsohu2019-07-12
|
* Merge pull request #2855 from veloute/galc-fixLibravatar rusty-snake2019-07-12
|\ | | | | ipc-namespace breaks galculator on archlinux
| * ipc-namespace breaks galculator on archlinuxLibravatar veloute2019-07-12
| |
* | rename some variables so they don't shadow others with same nameLibravatar Reiner Herrmann2019-07-11
| | | | | | | | via lgtm.com
* | fix minor issues from lgtm.comLibravatar Reiner Herrmann2019-07-11
| |
* | Merge pull request #2850 from disconnect3d/patch-1Libravatar Reiner Herrmann2019-07-11
|\ \ | | | | | | Update pid.c
| * | Update pid.cLibravatar Disconnect3d2019-07-10
| | | | | | | | | Remove redundant `child` variable in src/lib/pid.c
* | | Update libpostexecseccomp.c (#2851)Libravatar Disconnect3d2019-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Update libpostexecseccomp.c Remove `if (size != 0)` condition, which is always true as there is a `if (size <= 0)` condition before. Also note that if the `if (size <= 0)` condition wouldn't be there and `size` would be 0, there would have been an undefined behavior in due to division by zero in `(unsigned short) size / (unsigned short) sizeof(struct sock_filter);`. Found with LGTM: https://lgtm.com/projects/g/netblue30/firejail/snapshot/961c4ca00425b60a7bc8543460031a8ebf3d8aa6/files/src/libpostexecseccomp/libpostexecseccomp.c#x838c24f710410160:1
* | | Support media on other drives in youtube-dl.profileLibravatar glitsj162019-07-11
| | | | | | | | | Thanks to @SkewedZeppelin for catching this, see comments in https://github.com/netblue30/firejail/pull/2584.
* | | remove duplicate fclose/freeLibravatar Reiner Herrmann2019-07-10
| | |
* | | less.profile: make ${HOME} read-onlyLibravatar Vincent432019-07-10
|/ / | | | | less is usually used to view various text files including configs so blacklisting many of them in ${HOME} make it less(sic!) usable. We can make them read-only instead.
* | Add gdb-firejail.sh to contrib for easy debugging of firejail with gdb.Libravatar Glenn Washburn2019-07-09
| |
* | Sort private-bin in obs.profile (#2848)Libravatar glitsj162019-07-09
| |
* | Add redirects for mpg123 (#2847)Libravatar glitsj162019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Create conplay.profile * Create mpg123.bin.profile * Create mpg123-alsa.profile * Create mpg123-id3dump.profile * Create mpg123-jack.profile * Create mpg123-nas.profile * Create mpg123-openal.profile * Create mpg123-oss.profile * Create mpg123-portaudio.profile * Create mpg123-pulse.profile * Create mpg123-strip.profile * Create out123.profile * Add mpg123 redirects to fireconfig
* | Merge pull request #2844 from crass/fix-561-trace-appimageLibravatar netblue302019-07-09
|\ \ | | | | | | Fix issue #561. Refactor/Optimize code to get and use pid and process name.
| * | Fix issue #561. Refactor/Optimize code to get and use pid and process name.Libravatar Glenn Washburn2019-07-09
| | |
* | | Merge pull request #2843 from crass/fix-2842-extra-appimage-envvarsLibravatar netblue302019-07-09
|\ \ \ | | | | | | | | Add OWD and ARGV0 environment variables. Correctly create APPIMAGE envvar.
| * | | Add OWD and ARGV0 environment variables. Correctly create APPIMAGE envvar.Libravatar Glenn Washburn2019-07-09
| |/ /
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-03 14:48:48 +0000