Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | keepassxc dbus, closes #3713 [skip ci] | rusty-snake | 2020-10-31 |
| | |||
* | firefox d-bus (#2953) & fix xournalpp | rusty-snake | 2020-10-29 |
| | |||
* | support bluetooth protocol in sort.py | Reiner Herrmann | 2020-10-28 |
| | |||
* | added bluetooth to the list of protocols allowed by seccomp | netblue30 | 2020-10-28 |
| | |||
* | profile fixes | netblue30 | 2020-10-28 |
| | |||
* | slightly change changelog date to not have duplicate | Reiner Herrmann | 2020-10-28 |
| | |||
* | reverted --bind as root - some security problems | netblue30 | 2020-10-27 |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | netblue30 | 2020-10-27 |
|\ | |||
| * | Update okular.profile to support cbr files (#3704) | blockbandit | 2020-10-27 |
| | | | | | | | | | | | | | | * Update okular.profile okular has support for reading cbr (rar-compressed comic book). without unrar or unar in private-bin, okular fails to decompress the files for viewing. * Sorted private-bin | ||
* | | compile time option to disable --private-cache and --tmpfs for regular user | netblue30 | 2020-10-27 |
|/ | |||
* | Remove redundant read-only item (#3703) | glitsj16 | 2020-10-27 |
| | | | | | | | | | | | | | * remove read-only item redundancy 'read-only ${HOME}/.config/mimeapps.list' is already part of disable-common.inc * remove read-only item redundancy 'read-only ${HOME}/.config/mimeapps.list' is already part of disable-common.inc, which is included in the redirect profile * remove read-only item redundancy 'read-only ${HOME}/.config/mimeapps.list' is already part of disable-common.inc, which is included in the redirect profile | ||
* | fix assogiate.profile | glitsj16 | 2020-10-27 |
| | | | The user mime database needs to be writable. | ||
* | add missing paths to disable-interpreters.inc | rusty-snake | 2020-10-26 |
| | | | | | | | and update allow-xxx.inc Fedora uses /usr/lib64 for arch specifiy files and /usr/lib for arch independent files. php, py2, ruby may have also paths there. | ||
* | Merge pull request #3700 from rusty-snake/fix-3699 | rusty-snake | 2020-10-26 |
|\ | | | | | fix #3699 -- Firefox can't inhibit screensavers/screen blanking | ||
| * | fix #3699 | rusty-snake | 2020-10-26 |
| | | |||
* | | Merge pull request #3698 from Neo00001/patch-3 | rusty-snake | 2020-10-26 |
|\ \ | |/ |/| | Update celluloid.profile | ||
| * | Update celluloid.profile | Neo00001 | 2020-10-26 |
| | | |||
| * | Update celluloid.profile | Neo00001 | 2020-10-25 |
|/ | | | liblua is needed for celluloid & otherwise at least on arch it's showing this error - "celluloid: error while loading shared libraries: liblua5.2.so.5.2: cannot open shared object file: Permission denied" | ||
* | typo | Reiner Herrmann | 2020-10-25 |
| | |||
* | Merge branch 'tests' into master | Reiner Herrmann | 2020-10-25 |
|\ | |||
| * | increate timeout in xz.dec | Reiner Herrmann | 2020-10-25 |
| | | | | | | | | for reason it seems to timeout sometimes in github CI | ||
| * | include tests in rpm source tarball | Reiner Herrmann | 2020-10-24 |
| | | |||
| * | add new Makefile.in to distributed files | Reiner Herrmann | 2020-10-24 |
| | | |||
| * | let github CI run tests | Reiner Herrmann | 2020-10-24 |
| | | |||
| * | refactor test targets and let build fail on test errors | Reiner Herrmann | 2020-10-24 |
| | | |||
* | | merges | netblue30 | 2020-10-25 |
| | | |||
* | | Merge pull request #3676 from rusty-snake/tmpfs-inside-home | netblue30 | 2020-10-25 |
|\ \ | | | | | | | Allow --tmpfs and --bind inside $HOME for unprivileged users | ||
| * | | Likewise allow --bind inside $HOME for users | rusty-snake | 2020-10-23 |
| | | | |||
| * | | Allow --tmpfs inside $HOME for unprivileged users | rusty-snake | 2020-10-23 |
| | | | | | | | | | | | | | | | | | | | | | --tmpfs was added in 0.9.14 and restricted to root only in 0.9.38 due to priv-esc CVE-2016-10117 (e.g. --tmpfs=/etc and modify /etc/sudoers). This commit reintroduce it for normal users, if the realpath of it is inside users-home. | ||
* | | | Merge pull request #3607 from kortewegdevries/wemail | netblue30 | 2020-10-25 |
|\ \ \ | | | | | | | | | Switch mails to whitelisting | ||
| * | | | Add note about private-bin | kortewegdevries | 2020-09-03 |
| | | | | |||
| * | | | Add firefox support | kortewegdevries | 2020-08-29 |
| | | | | |||
| * | | | Switch kmail to whitelisting | kortewegdevries | 2020-08-29 |
| | | | | |||
| * | | | GPG default, fixes... | kortewegdevries | 2020-08-28 |
| | | | | |||
| * | | | Switch Evolution to whitelisting | kortewegdevries | 2020-08-28 |
| | | | | |||
* | | | | check that profiles are sorted | Reiner Herrmann | 2020-10-24 |
| |_|/ |/| | | |||
* | | | bump version to new development version 0.9.65 | Reiner Herrmann | 2020-10-24 |
| | | | |||
* | | | harden peek; update README.md; add gnome-sound-… | rusty-snake | 2020-10-23 |
| | | | | | | | | | | | | …recorder to firecfg.config | ||
* | | | Merge pull request #3683 from jmetrius/vlc-aacs-fix | rusty-snake | 2020-10-23 |
|\ \ \ | |_|/ |/| | | Fix blu-ray playback with libaacs | ||
| * | | Fix vlc blu-ray playback with libaacs | Jan Sonntag | 2020-10-20 |
| | | | |||
* | | | 0.9.64 testing0.9.64 | netblue30 | 2020-10-21 |
| | | | |||
* | | | 0.9.64 testing | netblue30 | 2020-10-21 |
| | | | |||
* | | | Update bug_report.md | rusty-snake | 2020-10-20 |
|/ / | | | | | Stop "mentioned"-notes in 1139. | ||
* | | Merge pull request #3679 from Bundy01/master | rusty-snake | 2020-10-19 |
|\ \ | | | | | | | Update virtualbox.profile | ||
| * | | Update virtualbox.profile | Bundy01 | 2020-10-19 |
|/ / | |||
* | | fix #3478 | netblue30 | 2020-10-19 |
| | | |||
* | | fix manpage wanings (#3563) | netblue30 | 2020-10-19 |
| | | |||
* | | readme update | netblue30 | 2020-10-17 |
| | | |||
* | | Merge pull request #3674 from topimiettinen/rmenv-apply-early | netblue30 | 2020-10-17 |
|\ \ | | | | | | | Apply --rmenv immediately to help to avoid the env var length check | ||
| * | | Apply --rmenv immediately to help to avoid the env var length check | Topi Miettinen | 2020-10-16 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove environment variables with --rmenv immediately. This fixes removing long environment variables (LS_COLORS generated by vivid), previously the length filter would trip before the command was processed. This changes user visible behavior slightly, for example --rmenv=LANG now applies also to Firejail, while earlier it would only apply to sandboxed program. Partially fixes #3673, but not handling `rmenv` in profiles. Also suggest --rmenv when there are problems with enviroment variables. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> |