| Commit message (Collapse) | Author | Age |
| |
|
|\
| |
| | |
profiles: allow /usr/share/webext in chromium profile
|
| | |
|
|/
|
|
| |
Bug-Debian: https://bugs.debian.org/1003234
|
|\
| |
| | |
add notable profile
|
| | |
|
| | |
|
| | |
|
|/ |
|
| |
|
|\
| |
| | |
skypeforlinux: Whitelist downloads directory
|
|/
|
|
| |
It's used when saving files send in conversations.
|
| |
|
| |
|
|\
| |
| | |
Implement a `whitelist-ro` command
|
| |\
| |/
|/| |
|
|\ \
| | |
| | | |
yt-dlp: add missing paths & mpv.profile: whitelist paths for yt-dlp
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
See etc/profile-m-z/yt-dlp.profile.
Relates to commit d6ca41c19 ("update mpv.profile", 2021-10-24) /
PR #4634.
Fixes #4754.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If it does not already exist, mpv is unlikely to need or to create it,
so just whitelist it if it exists.
This amends commit 5d741795c ("Use whitelisting for video players
(#3472)", 2020-08-15).
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This amends commit d6ca41c19 ("update mpv.profile", 2021-10-24) /
PR #4634.
These paths were taken from yt-dlp(1). They are used since yt-dlp
commit e2e43aea2 ("Portable Configuration file (closes #19)",
2021-01-16)[1].
Environment: yt-dlp 2021.12.01-1 on Artix Linux.
Relates to: https://github.com/yt-dlp/yt-dlp/issues/19
[1] https://github.com/yt-dlp/yt-dlp/commit/e2e43aea2159a235e151f56bd14383129a6b4355
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Fix clipgrab profile (yt-dlp requires python)
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.24 to 1.0.26.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/e095058bfa09de8070f94e98f5dc059531bc6235...5f532563584d71fdef14ee64d17bafb34f751ce5)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update GitHub actions with Dependabot:
https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
Pinning actions to SHAs instead of versions improves the supply chain
security:
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
|
| | |
| | |
| | |
| | | |
Signed-off-by: Tad <tad@spotco.us>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Allow /opt/tor-browser for Tor Browser profile
|
| |/ / |
|
| | | |
|
|\ \ \ |
|
| | | | |
|
| |\ \ \
| | | | |
| | | | | |
Allow telegram to open hyperlinks
|
| | | | | |
|
|/ / / / |
|
|/ / / |
|
|\ \ \
| | | |
| | | | |
Whitelist /usr/share/nextcloud to allow access to translation files.
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Fix teams ignoring input sources e.g. microphones
|
| | | | | |
|
| |/ / / |
|
|\ \ \ \
| | | | |
| | | | | |
Whitelist ${HOME}/.local/opt/tor-browser to make tor-browser work
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
tor-browser 11.0.2-1 doesn't work without whitelisting this directory. The
following was the message I got before whitelisting this directory.
Reading profile /etc/firejail/tor-browser.profile
Reading profile /etc/firejail/torbrowser-launcher.profile
Reading profile /etc/firejail/allow-python2.inc
Reading profile /etc/firejail/allow-python3.inc
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-exec.inc
Reading profile /etc/firejail/disable-interpreters.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Reading profile /etc/firejail/disable-xdg.inc
Reading profile /etc/firejail/whitelist-common.inc
Reading profile /etc/firejail/whitelist-var-common.inc
Reading profile /etc/firejail/whitelist-runuser-common.inc
Reading profile /etc/firejail/whitelist-usr-share-common.inc
Warning: Warning: NVIDIA card detected, nogroups command disabled
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Parent pid 12653, child pid 12654
104 programs installed in 153.32 ms
Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set.
Warning: skipping asound.conf for private /etc
Warning: skipping crypto-policies for private /etc
Warning fcopy: skipping /etc/fonts/conf.d/11-lcdfilter-default.conf, cannot find inode
Warning: skipping pki for private /etc
Private /etc installed in 64.84 ms
Private /usr/etc installed in 0.00 ms
Warning: cleaning all supplementary groups
Warning: cleaning all supplementary groups
Warning: /sbin directory link was not blacklisted
Warning: /usr/sbin directory link was not blacklisted
Warning: cleaning all supplementary groups
Seccomp list in: !chroot, check list: @default-keep, prelist: unknown,
Warning: cleaning all supplementary groups
Child process initialized in 325.75 ms
/usr/bin/tor-browser: [Error] The tor-browser archive could not be extracted to your home directory.
Check the permissions of ~/.local/opt/tor-browser/app.
The error log can be found in ~/.local/opt/tor-browser/LOG.
/usr/bin/tor-browser: line 218: ~/.local/opt/tor-browser/app/Browser/start-tor-browser: No such file or directory
|
|\ \ \ \
| | | | |
| | | | | |
Revert allow/deny leftovers
|