| Commit message (Collapse) | Author | Age |
|
|
|
|
|
| |
Ensure that all standard streams are open and we don't inadvertently print to files opened for a different reason; in general we can expect glibc
to take care of this, but it doesn't cover the case where a sandbox is started by root. The added code also serves as a fallback.
Unrelated: For what it's worth, shift umask call closer to main start, so it runs before lowering privileges and before anything can really go wrong.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Added git-cola profile
Initial
* Edit private-etc
Add alternatives,pki
* Add disable-xdg
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
* Added lyx profile
Initial
* Rmoved whitelists
Make home directory more accessible
|
|
|
|
|
|
|
|
|
| |
* Added minitube profile
Initial
* Second
Removed no3d,added novideo
|
|
|
| |
Initial
|
|
|
|
|
|
|
|
|
| |
* Added mtpaint profile
Initial
* Second
Remove IPC-namespace,netfilter
|
| |
|
|\
| |
| | |
integrate join(-or-start) with dbus options (partial fix)
|
| |
| |
| |
| |
| | |
update D-Bus environment variables during join, so that
a joining process is able to use D-Bus, too
|
| |
| |
| | |
Fixes for #3554.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added minecraft-launcher-profile
Initial
* Changed minecraft-launcher profile
Added space,tracelog,nodvd
* Third
Fixed private-etc,added notes about path,java
* Sorting
|
| | |
|
|\ \
| | |
| | | |
Added xfce4-screenshooter profile
|
| | |
| | |
| | |
| | | |
Initial,removed common blaclist,add netfilter,private-etc
|
| | | |
|
|\ \ \
| | | |
| | | | |
fix typo in multicast CIDR
|
|/ / / |
|
|\ \ \
| |/ /
|/| | |
Ignore SIGTTOU during flush_stdin()
|
| | |
| | |
| | |
| | | |
fixes #3500
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Update virtualbox.profile
* Update virtualbox.profile
* Update virtualbox.profile
* Update virtualbox.profile
* Update virtualbox.profile
* Update virtualbox.profile
|
|\ \ \
| | | |
| | | | |
Github-desktop: Add chroot to seccomp
|
|/ / /
| | |
| | |
| | | |
Add chroot
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Added freetube profile
Initial
* Added freetube profile
Second:drop ignore seccomp,add disable-shell
See https://github.com/netblue30/firejail/pull/3535
|
| | |
| | |
| | |
| | |
| | |
| | | |
* Added cawbird profile
See https://github.com/netblue30/firejail/pull/3533
Squash commits for merging
|
|\ \ \
| | | |
| | | | |
Hardend Zoom profile
|
| | |/
| |/| |
|
|\ \ \
| | | |
| | | | |
Add Mattermost desktop profile
|
| |/ / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Update telegram.profile
* Update telegram.profile
* Update telegram.profile
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Add files via upload
New profile for homebank
* Update etc/profile-a-l/homebank.profile
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
* Update etc/profile-a-l/homebank.profile
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
* Update homebank.profile
* Update firecfg.config
homebank added
* Update disable-programs.inc
Added blacklist.
* Update homebank.profile
Added disable-shell,removed whitelisted docs
* Update disable-programs.inc
Changed sorting
* Update homebank.profile
Changed sorting
* Added cawbird profile
Initial
* Revert "Added cawbird profile"
This reverts commit 6b045976adf62a91882236600c55926af34b6a52.
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| | |
| | |
| | |
| | |
| | | |
* fix #3404
* Update teams.profile
|
| | |
| | |
| | |
| | |
| | | |
fixes #3528
Are there any reasons why discord has no shell none?
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I too saw some breaktages with programs using it.
It can still be used like this:
firejail pandoc -t foo bar.tex
closes #3524
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Hardend Signal desktop profile
|
| |/ / |
|
|/ / |
|
|\ \
| | |
| | | |
fixing busybox workaround
|
| | | |
|