Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | enable/disable join support in /etc/firejail/firejail.config | startx2017 | 2017-03-23 |
| | |||
* | merges | netblue30 | 2017-03-22 |
| | |||
* | Merge pull request #1153 from startx2017/master | netblue30 | 2017-03-22 |
|\ | | | | | syscall list update | ||
| * | syscall list update (kernel 4.9.4, Arch Linux) | startx2017 | 2017-03-22 |
| | | |||
* | | Merge pull request #1152 from SYN-cook/master | netblue30 | 2017-03-22 |
|\ \ | | | | | | | blacklist X11 startup scripts | ||
| * | | don't blacklist ~/.profile | SYN-cook | 2017-03-22 |
| | | | | | | | | | sorry for the mistake... ~./profile is not only sourced by some display managers but also by shells, so we should keep everything as before | ||
| * | | Merge pull request #1 from SYN-cook/SYN-cook-patch-blacklist | SYN-cook | 2017-03-21 |
| |\ \ | | | | | | | | | more blacklisting (X11 session autostart), tidying up | ||
| | * | | redundant with disable-common.inc | SYN-cook | 2017-03-21 |
| | | | | |||
| | * | | more blacklisting (X11 session autostart) | SYN-cook | 2017-03-21 |
| |/ / | | | | | | | reorganization, added files according to Debian documentation | ||
* | / | fixed private-tmp problem on KDE systems | netblue30 | 2017-03-22 |
| |/ |/| | |||
* | | Edited profile request issue no. | Fred Barclay | 2017-03-21 |
| | | |||
* | | Fix lintian error when running `make deb`. | Fred Barclay | 2017-03-21 |
| | | | | | | | | | | | | | | | | | | | | | | contrib now has python files so lintian was complaining: E: firejail: python-script-but-no-python-dep usr/lib/firejail/fix_private-bin.py E: firejail: python-script-but-no-python-dep usr/lib/firejail/fjclip.py E: firejail: python-script-but-no-python-dep usr/lib/firejail/fjdisplay.py E: firejail: python-script-but-no-python-dep usr/lib/firejail/fjresize.py We now suggest python and python3 (not recommend or depend since it's not actually needed to use firejail) when building a Debian package. | ||
* | | Updated debian copyright notice for 2017 | Fred Barclay | 2017-03-21 |
| | | |||
* | | Audacious typo | Fred Barclay | 2017-03-21 |
| | | |||
* | | Removed all .cache directory references from profile files. The directory is ↵ | netblue30 | 2017-03-21 |
| | | | | | | | | disabled by default - a tmpfs is mounted on top of it. | ||
* | | compile cleanup | netblue30 | 2017-03-21 |
| | | |||
* | | maintenance | netblue30 | 2017-03-21 |
| | | |||
* | | Update warzone2100 profile for new version. | Fred Barclay | 2017-03-20 |
| | | | | | | | | | | Arch has warzone2100-3.2 in its repos. Since the profile only expected v3.1, it didn't work on Arch. The mkdir lines have also been commented out (so users don't end up with a useless warzone2100 directory in $HOME)... might need to re-enable it if it causes problems. | ||
* | | nogroups fix | netblue30 | 2017-03-20 |
| | | |||
* | | profile merges | netblue30 | 2017-03-20 |
| | | |||
* | | Merge pull request #1149 from SYN-cook/master | netblue30 | 2017-03-20 |
|\| | | | | | complete autostart blacklist for KDE | ||
| * | complete autostart blacklist for KDE | SYN-cook | 2017-03-19 |
| | | |||
* | | Merge pull request #1151 from Fred-Barclay/tilix | netblue30 | 2017-03-20 |
|\ \ | |/ |/| | Handles #1150 | ||
| * | Handles #1150 | Fred Barclay | 2017-03-19 |
|/ | | | | Terminix is being renamed to tilix. This adds ${PATH}/tilix to the blacklisted terminals in disable-common.inc without removing terminix (since there will still be users of terminix). | ||
* | profile merges | netblue30 | 2017-03-19 |
| | |||
* | Merge pull request #1147 from SYN-cook/SYN-cook-add-scribus | netblue30 | 2017-03-19 |
|\ | | | | | profile for scribus | ||
| * | harden scribus (nosound) | SYN-cook | 2017-03-18 |
| | | |||
| * | update scribus blacklist | SYN-cook | 2017-03-17 |
| | | | | | | default folder locations have changed from scribus 1.4 to 1.5 | ||
| * | update comment in disable-devel.inc (scribus) | SYN-cook | 2017-03-17 |
| | | |||
| * | profile for scribus | SYN-cook | 2017-03-17 |
| | | |||
| * | Merge pull request #3 from SYN-cook/SYN-cook-add-engrampa | SYN-cook | 2017-03-17 |
| |\ | | | | | | | new engrampa profile | ||
* | | | profile merges | netblue30 | 2017-03-18 |
| | | | |||
* | | | Merge pull request #1146 from SYN-cook/SYN-cook-add-engrampa | netblue30 | 2017-03-18 |
|\ \ \ | | | | | | | | | profile for engrampa | ||
| * | | | undo no3d (because redundant) | SYN-cook | 2017-03-17 |
| | | | | | | | | | | | | no3d is redundant with nogroups. | ||
| * | | | undo no3d (because redundant) | SYN-cook | 2017-03-17 |
| | | | | | | | | | | | | no3d is redundant with nogroups. | ||
| * | | | harden file-roller (no3d) | SYN-cook | 2017-03-17 |
| | |/ | |/| | |||
| * | | profile for engrampa | SYN-cook | 2017-03-17 |
| |/ | | | | | | | forked from file-roller.profile tested and works well for me | ||
* | | increased delay to 1 second in pid monitoring function for joined processes | netblue30 | 2017-03-14 |
| | | |||
* | | added support to enable/disable tmpfs mounting on top of ~/.cache directory | netblue30 | 2017-03-14 |
| | | |||
* | | fixed handling of .local profile files when the software is installed ↵ | netblue30 | 2017-03-14 |
| | | | | | | | | ~/.local directory | ||
* | | xmms profile fix | netblue30 | 2017-03-13 |
| | | |||
* | | fixed firefox profile on CentOS | netblue30 | 2017-03-11 |
| | | |||
* | | mount a tmpfs on top of ~/.cache directory by default | netblue30 | 2017-03-11 |
| | | |||
* | | mount a tmpfs on top of ~/.cache directory by default | netblue30 | 2017-03-11 |
| | | |||
* | | allow tmpfs for regular users for files in home directory | netblue30 | 2017-03-10 |
| | | |||
* | | config support to disable access to /mnt and /media | netblue30 | 2017-03-10 |
| | | |||
* | | --nowhitelist | netblue30 | 2017-03-09 |
| | | |||
* | | warning message not terminated by \n | netblue30 | 2017-03-09 |
| | | |||
* | | allow /tmp in mkdir and mkfile profile commands | netblue30 | 2017-03-07 |
| | | |||
* | | Following links in private-bin command ported from #1100 created problems ↵ | netblue30 | 2017-03-07 |
| | | | | | | | | for some users. I added a follow-symlink-private-bin entry in /etc/firejail/firejail.config file to enable/disable this functionality - default disabled. |