| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Add comment to sylpheed.profile for supporting non-default storage path |  glitsj16 | 2020-01-05 |
| | | |||
| * | Add support for default storage path in claws-mail.profile | glitsj16 | 2020-01-05 |
| | | |||
| * | Allow Tor Browser to run /usr/bin/id (#3114) |  creideiki | 2020-01-05 |
| | | | | | | | | | | | | | | The start-tor-browser script tries to run /usr/bin/id to check that it isn't root before starting the browser. See https://gitweb.torproject.org/builders/tor-browser-build.git/tree/projects/tor-browser/RelativeLink/start-tor-browser?id=41fd236bbb7d3d75a27473f927be31f7dd8fdc99#n94 If id is not in the private-bin directory, the test still works by accident, but prints these error messages: ./Browser/start-tor-browser: line 94: id: command not found ./Browser/start-tor-browser: line 94: [: : integer expression expected Add id to the private-bin directory to make it run as intended. | ||
| * | Use nowhitelist in sylpheed.profile | glitsj16 | 2020-01-05 |
| | | | | Thanks @rusty-snake for the suggestion (see #3122). | ||
| * | Turn sylpheed.profile into a (claws-mail) redirect | glitsj16 | 2020-01-04 |
| | | |||
| * | Tighten wusc in claws-mail.profile | glitsj16 | 2020-01-04 |
| | | |||
| * | Fix private-lib for gentoo in evince.profile | glitsj16 | 2020-01-04 |
| | | | | Fixes #3121. | ||
| * | Fix neverputt profile |  Tad | 2020-01-04 |
| | | |||
| * | sylpheed: noblacklist ${HOME}/Mail (see #3122) |  rusty-snake | 2020-01-04 |
| | | |||
| * | Add barrier profile (#3115) |  Adrian L. Shaw | 2020-01-04 |
| | | | | | | | | | | | | | | | | | | | | | * Add barrier.profile * Add newline before special options * Modify description * Add disable mount to barrier.profile * Address feedback from rusty-snake * Remove stray carriage return * Add noexec for /home/user and /tmp * Don't blacklist openssl * Remove redundant rules | ||
| * | Gentoo fixes (#3120) | glitsj16 | 2020-01-04 |
| | | | | | | | | | * fix private-etc on gentoo * Fix private-etc on gentoo * Fix evince on gentoo | ||
| * | update pavucontrol | rusty-snake | 2020-01-03 |
| | | | | | see #3112 | ||
| * | ${HOME} whitelisting breaks settings in artha | glitsj16 | 2020-01-03 |
| | | | | More background info in #3112. | ||
| * | typo (wget) & fix (baobab) [skip ci] | rusty-snake | 2020-01-03 |
| | | |||
| * | fix #3110 | rusty-snake | 2020-01-03 |
| | | |||
| * | Get rid of #2302 (#3111) | rusty-snake | 2020-01-03 |
| | | |||
| * | fixup! Extra hardening for wget | rusty-snake | 2020-01-03 |
| | | |||
| * | Update README | glitsj16 | 2020-01-03 |
| | | |||
| * | Fix wusc in mpv (#3108) |  Daniel M. Capella | 2020-01-03 |
| | | | | Partly fixes #3107. | ||
| * | Fix wusc in exiftool | glitsj16 | 2020-01-03 |
| | | | | Arch puts files under /usr/share/perl-image-exiftool, whitelist that path for wusc. | ||
| * | Fix wusc in weechat | glitsj16 | 2020-01-03 |
| | | | | Partly fixes #3107 (the weechat part). | ||
| * | Add artha log to disable-programs.inc | glitsj16 | 2020-01-02 |
| | | |||
| * | Fix artha | glitsj16 | 2020-01-02 |
| | | | | I intentionally wanted to have this as a 'whitelist' profile. The only snag is that artha seems to generate ${HOME}/.config/artha.config.XXXXXX that I cannot whitelist upfront. Added notes to highlight this behaviour. | ||
| * | Extra hardening for wget | glitsj16 | 2020-01-02 |
| | | |||
| * | Additional hardening for whois | glitsj16 | 2020-01-02 |
| | | |||
| * | Harden artha.profile | glitsj16 | 2020-01-02 |
| | | |||
| * | Harden aria2c.profile | glitsj16 | 2020-01-02 |
| | | |||
| * | Future-proof private-lib in gedit.profile | glitsj16 | 2020-01-02 |
| | | | | Better fix for #3104 . | ||
| * | tests: drop shm from whitelist-dev test as it can contain many files |  Reiner Herrmann | 2020-01-02 |
| | | |||
| * | Fix #3105 -- add allow-ruby.inc | rusty-snake | 2020-01-02 |
| | | |||
| * | tests: use pid 1, which will also exist in containers | Reiner Herrmann | 2020-01-02 |
| | | |||
| * | tests: wait until sandbox is shutdown before running next command | Reiner Herrmann | 2020-01-02 |
| | | |||
| * | gitlab-ci: it's actually the redhat test that was failing | Reiner Herrmann | 2020-01-02 |
| | | |||
| * | fix gnome-maps | rusty-snake | 2020-01-02 |
| | | |||
| * | fix celluloid | rusty-snake | 2020-01-02 |
| | | |||
| * | harden whois.profile | rusty-snake | 2020-01-02 |
| | | |||
| * | Harden openshot | rusty-snake | 2020-01-02 |
| | | |||
| * | gnome-builder: fix build cache | rusty-snake | 2020-01-02 |
| | | |||
| * | Harden wget.profile | rusty-snake | 2020-01-02 |
| | | |||
| * | gitlab-ci: disable continuously failing fedora test | Reiner Herrmann | 2020-01-01 |
| | | |||
| * | gitlab-ci: drop debian patches before building, as they might conflict | Reiner Herrmann | 2020-01-01 |
| | | |||
| * | Fix private-lib in gedit.profile | glitsj16 | 2020-01-01 |
| | | | | Fixes #3104. | ||
| * | Make ${HOME}/.config/environment.d read-only | rusty-snake | 2019-12-30 |
| | | |||
| * | spelling fix | Reiner Herrmann | 2019-12-30 |
| | | |||
| * | include m4 directory in source archive | Reiner Herrmann | 2019-12-30 |
| | | |||
| * | Harden file-roller | rusty-snake | 2019-12-29 |
| | | |||
| * | disable-devel: blacklist source-code | rusty-snake | 2019-12-29 |
| | | |||
| * | Add appimage fix to electrum.profile | glitsj16 | 2019-12-29 |
| | | |||
| * | Merge pull request #3097 from glitsj16/firecfg |  netblue30 | 2019-12-26 |
| |\ | | | | | Drop CLI archivers from firecfg | ||
| | * | Drop CLI archivers from firecfg | glitsj16 | 2019-12-26 |
| | | | | | | | More research/testing is needed to make CLI-based archivers work on Arch (based distributions). See ongoing discussion in #3095. | ||
 |
index : firejail | |
| Mirror of https://github.com/netblue30/firejail | Firejail Authors |
| aboutsummaryrefslogtreecommitdiffstats |