Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | blacklist ksslcertificatemanager | smitsohu | 2018-02-14 |
| | | | | | | | | | | While it is believed that blacklisting these files is a safe default, it has the effect that untrusted certificates have to be acknowledged every time they are encountered (with whitelisting it is possible to accept them for the duration of an application session). Where this causes usability issues, it will be necessary to noblacklist these paths. | ||
* | fix KDE notifications | smitsohu | 2018-02-13 |
| | | | | | | | | while it is essential to deny manipulation of these files, the information contained therein should be only of secondary value by changing blacklist to read-only, notification functionality is restored | ||
* | update more application blacklists | smitsohu | 2018-02-13 |
| | |||
* | Merge pull request #1774 from SkewedZeppelin/1773 | SkewedZeppelin | 2018-02-12 |
|\ | | | | | Unify all Chromium and Firefox based browser profiles | ||
| * | Further unify private-etc in Firefox-based browsers | Tad | 2018-02-11 |
| | | |||
| * | whitelist gpg in brave profile | smitsohu | 2018-02-12 |
| | | |||
| * | Update README.md about browser unification | Tad | 2018-02-11 |
| | | |||
| * | Breakout noblacklists/whitelsits for common addons/plugins/programs from ↵ | Tad | 2018-02-11 |
| | | | | | | | | firefox-common | ||
| * | Unify all Chromium and Firefox based browser profiles as part of #1773 | Tad | 2018-02-11 |
|/ | |||
* | update various application blacklists | smitsohu | 2018-02-11 |
| | |||
* | Merge pull request #1764 from jelford/remmina_seccomp | smitsohu | 2018-02-11 |
|\ | | | | | Add seccomp filters for remmina, from an strace session connecting via RDP | ||
| * | keep remmina seccomp whitelist opt-in | smitsohu | 2018-02-11 |
| | | |||
| * | Add seccomp filters for remmina, from an strace session connecting via RDP | James Elford | 2018-02-07 |
| | | |||
* | | Fix soundconverter not launching and audacity error popup | Tad | 2018-02-10 |
| | | | | | | | | | | | | | | | | | | | | | | | | quick test of ~50 profiles on Fedora 27 audacity - "An error occured while loading or saving configuration information" soundconverter - fix crash on start by removing explicit dbus blacklist added in 55938d07a58d29ceb893e4554a4ddf3c41810fc9 many issues were found that were unfixed evolution - cannot access ~/.evolution on first run, doesn't seem to ever be used/accessed again gedit - many plugins (spell check) are broken by private-lib gnome-contacts - "warning: wayland-egl: could not open /dev/dri/card0" due to no3d, don't know why it thinks it needs that | ||
* | | Oops - didn't include actual tilp profile. | Fred-Barclay | 2018-02-09 |
| | | |||
* | | Add tilp profile | Fred-Barclay | 2018-02-09 |
| | | |||
* | | Fix error messages when opening multiple documents in LibreOffice | Tad | 2018-02-09 |
| | | | | | | | | | | | | This fixes "LibreOffice will attempt to recover the state of the files you were working on before it crashed." messages when you go to open a second document. We should see if there are any other profile where we can use join-or-start to fix similar issues. | ||
* | | restrict kssl (missing paths) | smitsohu | 2018-02-08 |
| | | |||
* | | restrict kssl | smitsohu | 2018-02-08 |
| | | |||
* | | keep menu definitions read-only | smitsohu | 2018-02-07 |
| | | |||
* | | Merge pull request #1763 from ckuethe/master | smitsohu | 2018-02-07 |
|\ \ | |/ |/| | Update remmina.profile | ||
| * | Update remmina.profile | Chris Kuethe | 2018-02-06 |
|/ | | | my profiles happened to be in ~/.remmina | ||
* | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2018-02-06 |
|\ | |||
| * | Merge pull request #1761 from rccavalcanti/master | Fred Barclay | 2018-02-05 |
| |\ | | | | | | | Allow Spotify to run Zenity | ||
| | * | Allow Spotify to run Zenity | Rafael Cavalcanti | 2018-02-05 |
| |/ | |||
| * | Fix Tor Browser Launcher dirs not getting created on first launch | Tad | 2018-02-04 |
| | | |||
* | | pdfchain profile | smitsohu | 2018-02-06 |
| | | |||
* | | further harden KDE | smitsohu | 2018-02-06 |
| | | | | | | | | | | and whitelist some kio settings, because we don't know if slave processes will run inside or outside the sandbox. also prevents weird bugs that depend on sequence in which applications were started. | ||
* | | enable private-etc for gwenview | smitsohu | 2018-02-06 |
|/ | |||
* | Merge branch 'master' of http://github.com/netblue30/firejail | netblue30 | 2018-02-03 |
|\ | |||
| * | Merge pull request #1758 from Vincent43/patch-1 | netblue30 | 2018-02-03 |
| |\ | | | | | | | Apparmor: minor fixes | ||
| | * | Apparmor: minor fixes | Vincent43 | 2018-02-03 |
| |/ | | | | | | | | | 1. Allow for seven digit PID same as upstream do https://gitlab.com/apparmor/apparmor/commit/630cb2a981cdc731847e8fdaafc45bcd337fe747 2. Fixed dbus functionality. Disabled by default. | ||
* / | merges | netblue30 | 2018-02-03 |
|/ | |||
* | enable email encryption for thunderbird, kmail | smitsohu | 2018-02-03 |
| | | | | see #1653 #1572 | ||
* | blacklist klipper | smitsohu | 2018-02-02 |
| | | | | further to 8aec7694cb4c7c0d07b333b689ab19faacb519f9 | ||
* | KDE related enhancements | smitsohu | 2018-02-01 |
| | |||
* | unbound fix (part 2) - whitelist /var/run | smitsohu | 2018-02-01 |
| | |||
* | unbound fix (writable-var) - #1731 | smitsohu | 2018-01-31 |
| | |||
* | overlay fixes and additional hardening | netblue30 | 2018-01-31 |
| | |||
* | fix cd/dvd for dragon | smitsohu | 2018-01-31 |
| | |||
* | consistent directory nomenclature for kaffeine | smitsohu | 2018-01-30 |
| | |||
* | kaffeine profile | smitsohu | 2018-01-30 |
| | |||
* | harden KDE | smitsohu | 2018-01-30 |
| | |||
* | Add basic contributing info. Still need to add for pull requests, etc. | Fred-Barclay | 2018-01-29 |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | Fred-Barclay | 2018-01-28 |
|\ | |||
| * | debug messages for appimage | netblue30 | 2018-01-27 |
| | | |||
| * | Add a profile for Red Eclipse | Tad | 2018-01-26 |
| | | |||
| * | fix compile problem ##1750 | netblue30 | 2018-01-25 |
| | | |||
| * | whitelist, private-dev, private-tmp support for chroot and overlay sandboxes | netblue30 | 2018-01-25 |
| | | |||
| * | Replace xmr-stak-cpu profile with unified xmr-stak profile | Tad | 2018-01-25 |
| | |