aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* Merge branch 'master' of http://github.com/netblue30/firejailLibravatar netblue302018-02-03
|\
| * Merge pull request #1758 from Vincent43/patch-1Libravatar netblue302018-02-03
| |\ | | | | | | Apparmor: minor fixes
| | * Apparmor: minor fixesLibravatar Vincent432018-02-03
| |/ | | | | | | | | 1. Allow for seven digit PID same as upstream do https://gitlab.com/apparmor/apparmor/commit/630cb2a981cdc731847e8fdaafc45bcd337fe747 2. Fixed dbus functionality. Disabled by default.
* / mergesLibravatar netblue302018-02-03
|/
* enable email encryption for thunderbird, kmailLibravatar smitsohu2018-02-03
| | | | see #1653 #1572
* blacklist klipperLibravatar smitsohu2018-02-02
| | | | further to 8aec7694cb4c7c0d07b333b689ab19faacb519f9
* KDE related enhancementsLibravatar smitsohu2018-02-01
|
* unbound fix (part 2) - whitelist /var/runLibravatar smitsohu2018-02-01
|
* unbound fix (writable-var) - #1731Libravatar smitsohu2018-01-31
|
* overlay fixes and additional hardeningLibravatar netblue302018-01-31
|
* fix cd/dvd for dragonLibravatar smitsohu2018-01-31
|
* consistent directory nomenclature for kaffeineLibravatar smitsohu2018-01-30
|
* kaffeine profileLibravatar smitsohu2018-01-30
|
* harden KDELibravatar smitsohu2018-01-30
|
* Add basic contributing info. Still need to add for pull requests, etc.Libravatar Fred-Barclay2018-01-29
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar Fred-Barclay2018-01-28
|\
| * debug messages for appimageLibravatar netblue302018-01-27
| |
| * Add a profile for Red EclipseLibravatar Tad2018-01-26
| |
| * fix compile problem ##1750Libravatar netblue302018-01-25
| |
| * whitelist, private-dev, private-tmp support for chroot and overlay sandboxesLibravatar netblue302018-01-25
| |
| * Replace xmr-stak-cpu profile with unified xmr-stak profileLibravatar Tad2018-01-25
| |
* | noblacklist /usr/share/perl in hexchat - potential fix for #1754Libravatar Fred-Barclay2018-01-28
|/
* apparmor support for --chroot sandboxesLibravatar netblue302018-01-24
|
* --overlay clanupLibravatar netblue302018-01-24
|
* added firejail --apparmor.print and firemon --apparmorLibravatar netblue302018-01-24
|
* apparmor support for --overlay sandboxesLibravatar netblue302018-01-24
|
* rpm: install all files in lib directoryLibravatar Reiner Herrmann2018-01-23
|
* Merge pull request #1745 from Vincent43/patch-1Libravatar smitsohu2018-01-23
|\ | | | | Apparmor: restrict access to writable files
| * Apparmor: Revert /proc changesLibravatar Vincent432018-01-23
| |
| * Apparmor: fix kodi pluginsLibravatar Vincent432018-01-22
| | | | | | | | Kodi plugins need /proc/@PID/net/dev access outside user processes: AVC apparmor="DENIED" operation="open" profile="firejail-default" name="/proc/28/net/dev" pid=2354 comm="kodi.bin" requested_mask="r" denied_mask="r"
| * Apparmor: restrict accessLibravatar Vincent432018-01-21
| | | | | | Access to writable files can be restricted to their owner only.
* | Partial revert of f2fdcf7361f99d4b62d6427d078445c2ea1dc6cb for geditLibravatar Tad2018-01-22
| | | | | | | | - This appears to be a general issue with private-lib, that might've already been fixed in master
* | Add another profile alias for idea.shLibravatar Tad2018-01-22
| |
* | Allow audio in Tor browser, and fix gedit not launchingLibravatar Tad2018-01-22
|/ | | | - Tor browser doesn't have nosound, so include pulse in private-etc
* Add whitelist-var-common to 4 profilesLibravatar Tad2018-01-21
|
* Merge pull request #1713 from Vincent43/patch-1Libravatar smitsohu2018-01-20
|\ | | | | Apparmor: fix broken file dialogs in kde plasma
| * Revert: Escape '#' character in pathLibravatar Vincent432018-01-17
| | | | | | | | | | Escaping this create warning and is dropped anyway: Warning from /etc/apparmor.d/firejail-default (/etc/apparmor.d/firejail-default line 163): Character # was quoted unnecessarily, dropped preceding quote ('\') character
| * Escape '#' character in pathLibravatar Vincent432018-01-05
| |
| * Apparmor: fix broken file dialogs in kde plasmaLibravatar Vincent432018-01-04
| | | | | | | | | | | | | | | | | | For some time apparmor started breaking file dialogs in kde plasma (gwenview, calibre, qbittorrent, etc). typical audit report below: AVC apparmor="DENIED" operation="open" profile="firejail-default" name="/run/user/1000/#28520" pid=1997 comm="qbittorrent" requested_mask="w" denied_mask="w" fsuid=1000 ouid=1000 AVC apparmor="DENIED" operation="link" profile="firejail-default" name="/run/user/1000/qBittorrentZcaeTi.1.slave-socket" pid=3679 comm="qbittorrent" requested_mask="l" denied_mask="l" fsuid=1000 ouid=1000 target="/run/user/1000/#79965" This commit fixes this issue. Tested on Archlinux (linux 4.14.11, kde 5.11.5)
* | Add a profile for Fritzing, and update READMELibravatar Tad2018-01-20
| |
* | moved QTWEBENGINE_DISABLE_SANDBOX=1 to viber profileLibravatar netblue302018-01-19
| |
* | remove QTWEBENGINE_DISABLE_SANDBOX=1 from defaultsLibravatar netblue302018-01-19
| |
* | removed mem-deny-execute from transmission-qt profile, #1736Libravatar netblue302018-01-19
| |
* | mergesLibravatar netblue302018-01-19
| |
* | Merge pull request #1738 from vn971/add_syscalls_glibc_2.26Libravatar netblue302018-01-19
|\ \ | | | | | | add new syscalls from glibc 2.26-10
| * | add new syscalls from glibc 2.26-10Libravatar Vasya Novikov2018-01-18
| | | | | | | | | | | | File generated by ../tools/extract_syscall, as per instructions
* | | remove QML_DISABLE_DISK_CACHE from disable-common.incLibravatar smitsohu2018-01-18
|/ / | | | | hardcoded since 1e7045b55cc1e189dba6d9ed21c05c90663f3736
* | temporarely removed private-lib, GnomeShell problems: #1711Libravatar netblue302018-01-18
| |
* | Qt fixes: QML_DISABLE_DISK_CACHE=1, QTWEBENGINE_DISABLE_SANDBOX=1Libravatar netblue302018-01-18
| |
* | Add pycharm-professional profileLibravatar Fred-Barclay2018-01-17
| |
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-24 23:13:20 +0000