| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
| |
* remove noblacklist without blacklist in aosp
${HOME}/.bash_history is not blacklisted anywhere. Hence a noblacklist doesn't make sense here.
* remove noblacklist without blacklist in gnome-builder
${HOME}/.bash_history is not blacklisted anywhere. Hence a noblacklist doesn't make sense here.
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
New profile for CoyIM
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Create nolocal6.net
|
| | | |
|
|\ \ \
| | | |
| | | | |
Add profile for kdiff3
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
|/ / / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Update vmware.profile
`private-etc` can be uncommented.
* Update vmware.profile
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* fix comment in blackbox.profile
* fix comment in fluxbox.profile
* fix comment in i3.profile
* fix comment in krunner.profile
* fix comment in openbox.profile
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* refactor google-earth{-pro} blacklisting
* fix google-earth-pro.profile
I've included all binaries found in the Arch Linux AUR package to private-bin. But I also added a note on ignoring private-bin because I'm not sure what google-earth is doing on other distro's.
* unbreak google-earth.profile
Not sure why we need grep, ls and sed in private-bin exactly but keeping them around wouldn't hurt too much I guess.
|
| | |
| | |
| | |
| | |
| | |
| | | |
To solve issue#3907, doc directory of the bibletime has to be
whitelisted. Otherwise, it always fails to start.
Co-authored-by: hhnb <hhnb@nanenient.cc>
|
| | | |
|
|\ \ \
| | | |
| | | | |
Add $PATH expansion to private-lib
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
private-lib: add new timetrace
|
| |/ / / |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
as modern-day Debian only keeps a single symbolic link in
/lib64, going through both directories systematically adds
virtually no overhead (as indicated by the timetrace). At
the same time it is simpler and more robust in producing a correct
representation of the filesystem.
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add pkglog to new profiles
* Create pkglog.profile
* Update README.md
* fix ordering in pkglog.profile
* drop extra whitespace in pkglog.profile
|
|/ / / |
|
| | | |
|
| | | |
|
|/ /
| |
| |
| |
| | |
hardening: wusc + wruc
fix: settings was immutable
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
/bin/sh is usually just a symlink to bash. However this is not the case
for every distro, debian for example uses dash. bash,dash and sh have a
blacklist command in disable-shell.inc. An own allow-*.inc for it
enusres usage of all necessary nolacklists.
For private-bin sh is enough because it follows symlinks.
|
| |
| |
| | |
See #3895.
|
| |
| |
| |
| |
| |
| |
| | |
* newsboat: add lynx support
* newsboat: fix using sort.py
* newsboat: remove unneeded perms
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
return to non-dumpable plugins
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
(hopefully) fixes the issues that led to reverting
commits 6abb65d328af61d67361890743190bd4c57f8e3c and 98e42dc6da4e4b1e47ed2aa020012d4dedc1e80e
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Clarify that:
* "upstream profile" means the profile version on the master branch
* "duplicates" refer to duplicate issues
As suggested by @scruloose on
https://github.com/netblue30/firejail/issues/3884#issue-784605766
https://github.com/netblue30/firejail/issues/3884#issuecomment-759528185
|
| | |
| | |
| | | |
Thanks @rusty-snake for [spotting](https://github.com/netblue30/firejail/commit/662ebd214b0a7874072381f5aaf3fbd322f0e460) this!
|
| | | |
|