| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It creates the following directories on startup:
* ~/.config/VSCodium
* ~/.vscode-oss
Environment:
$ grep '^NAME' /etc/os-release
NAME="Artix Linux"
$ pacman -Q vscodium-bin
vscodium-bin 1.60.2-2
Note: The following entry is already on disable-programs.inc:
noblacklist ${HOME}/.vscode-oss
It was added on commit de90834a8 ("Update disable-programs.inc",
2019-03-02).
Relates to #3871.
|
| |
|
|
| |
Added on commit 4bb7dee49 ("small changes", 2019-02-07).
|
| |\
| |
| | |
add more EUID improvements
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* cheese
- fix: dbus-user.own org.gnome.Cheese
- fix: whitelist /usr/share/gstreamer-1.0
- fix: include allow-python3.inc
- hardening: include disable-shell.inc
- hardening: include whitelist-run-common.inc and whitelist /run/udev/data
- hardening: whitelist /usr/libexec/gstreamer-1.0/gst-plugin-scanner
- hardening: noinput
- hardening: nosound
- hardening: seccomp.block-secondary
- hardening: private-dev
* geekbench (closes #4576)
- fix: noblacklist /sbin and noblacklist /usr/sbin
- fix: noblacklist, blacklist, mkdir, whitelist, read-write ${HOME}/.geekbench5
- fix: comment/remove private-bin, private-lib, private-opt
* inkscape
- add quiet for cli usage
* musixmatch (#4518)
- allow chroot
* pandoc
- fix: include allow-bin-sh.inc
- fix: drop private-bin
- hardening: include whitelist-runuser-common.inc
- hardening: seccomp.block-secondary
|
| | |
| |
| |
| |
| | |
- Allow org.freedesktop.secrets, fixes #4584
- Improve comments about notifications and systray
|
| |\ \
| |/
|/| |
Trim excess whitespace
|
| |/ |
|
| |
|
|
|
| |
don't try to read /usr/bin/firejail if private-bin removed it
from the sandbox filesystem
|
| |
|
|
|
|
| |
users, and fldd in particular, might have no read permission
on the firejail executable, make that ok by running fldd
as root
|
| | |
|
| | |
|
| |\
| |
| | |
telegram: Enable private-bin
|
| | | |
|
| |\ \
| | |
| | | |
Add ld.so.preload to all private-etc lines
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Command:
sed -i -E "s/^private-etc /private-etc ld.so.preload,/" \
$(grep -LE "^private-etc .*ld.so.preload" etc/profile-*/*) \
&& python3 contrib/sort.py etc/profile-*/*
|
| |\ \ \
| | | |
| | | | |
Create goldendict.profile
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Add missing final newlines
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Remove /etc/hosts is_link check
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The current file is missing the 'How to Apply These Terms to Your New
Programs' section, which is an integral part of the GPL.
More info here:
https://www.gnu.org/licenses/old-licenses/gpl-2.0-faq.html#GPLOmitPreamble
File downloaded from:
https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
|
| | | | | | | |
|
| | |/ / / /
|/| | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
rework exitcodes
|
| | | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* add 128 to exitcode if child receives a fatal signal
(this is similar to what bash and other shells do)
* unify exitcodes across firejail: treat join'ed processes
the same as processes in the primary process tree
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Revert "allow/deny help and man pages"
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit a11707ea273e5665047f8a7d9387ba07f08d72f6.
The man pages currently direct users to use the aliases instead of the
commands, which some users of firejail-git may end up doing. Example:
https://github.com/netblue30/firejail/discussions/4496
So revert the man page changes as well to avoid confusion.
Note: This is not a full revert. The commit in question also contains
some string formatting fixes on src/firejail/usage.c (related to dbus
and netmask), which are left intact.
Relates to #4410.
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Blacklist Exodus wallet
|
| | |/ / / / |
|
| | |_|_|/
|/| | |
| | | |
| | | |
| | | | |
Enable evince to display archived images (.cbz) file with plugin
installed.
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Rework issue templates
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
fix duplicate globals
|
| | | |/ / /
| |/| | | |
|
| | | | | | |
|
| | |/ / /
|/| | | |
|
| | |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- closes #4483 -- mpv requires whitelisting /usr/share/pipewire
- wruc: whitelist pipewire-?, pipewire is becoming more popular and was
developed with isolation (container/sandbox) in mind.
- wruc: whitelist wayland-? instead of only -0 and -1
- wusc: whitelist /usr/share/pipewire
- remove these wruc/wusc lines from other profiles
- firefox-common-addons: Make ignore wruc work again (#4512)
- firefox: org.freedesktop.portal.Desktop should be enough
|
| | | | |
|
Kelvin M. Klann
smitsohu
rusty-snake
a1346054
netblue30
Nicola Davide Mannarelli
lecso7
Jonas Heinrich
Reiner Herrmann
crocket
Ted Robertson
pirate486743186