aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* Add rambox profile from #1425Libravatar Fred Barclay2017-08-02
|
* mergesLibravatar Fred Barclay2017-08-02
|
* Merge pull request #1367 from SpotComms/mhLibravatar Fred Barclay2017-08-02
|\ | | | | Harden profiles
| * FixesLibravatar Fred-Barclay2017-08-02
| |
| * Add back net none/netfilter as neededLibravatar Fred-Barclay2017-08-02
| |
| * Partially synchronize Chromium-based profilesLibravatar Tad2017-08-02
| |
| * Add noexec to more profiles as tested by @curiosity-seekerLibravatar Tad2017-08-02
| | | | | | | | See https://github.com/netblue30/firejail/pull/1367#issuecomment-315793729
| * Initial adding of memory-deny-write-execute to profilesLibravatar Tad2017-08-02
| | | | | | | | | | | | | | | | - mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible - mdwe also breaks most 3d accelerated programs such as 3d games - mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference -- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf -- See https://github.com/nning/linux-pax-flags
| * Harden profilesLibravatar Tad2017-08-02
| | | | | | | | | | | | | | | | - Added 'disable-devel.conf' to many profiles - Added 'disable-mnt' to many profiles - Added 'noexec' to many profiles - Removed 'netfilter' and 'net none' from profiles with 'protocol unix' - Cleaned up profiles using defaults
* | get_mempolicy syscall was temporarily removed from the default seccomp list. ↵Libravatar netblue302017-08-02
|/ | | | | | It seems to break playing youtube videos on Firefox Nightly - #1414
* x11/xpra supportLibravatar netblue302017-08-01
|
* mergesLibravatar netblue302017-08-01
|
* Merge pull request #1423 from VladimirSchowalter20/VladimirSchowalter20-apparmorLibravatar netblue302017-08-01
|\ | | | | Add some /proc dirs to firejail apparmor profile
| * Add some /proc dirs to firejail apparmor profileLibravatar Vladimir Schowalter2017-08-02
|/
* compile cleanupLibravatar netblue302017-08-01
|
* Fix tracing with private-libLibravatar Topi Miettinen2017-08-01
|
* Merge pull request #1421 from SpotComms/fix1420Libravatar Fred Barclay2017-07-31
|\ | | | | Fix #1420
| * Fix #1420Libravatar Tad2017-07-31
|/
* Merge pull request #1415 from chiraag-nataraj/masterLibravatar netblue302017-07-31
|\ | | | | Tentative implementation for #1405
| * Ensure malloc was successfulLibravatar Chiraag Nataraj2017-07-30
| |
| * Remove debugging stuff, free start_child, exit properlyLibravatar Chiraag Nataraj2017-07-30
| |
| * Tentative implementation for #1405Libravatar Chiraag Nataraj2017-07-30
| |
* | Fixes for the private-lib and memory-deny-write-execute featuresLibravatar Topi Miettinen2017-07-30
| |
* | Memory-deny-write-execute featureLibravatar Topi Miettinen2017-07-30
| | | | | | | | Feature to block attempts to create writable and executable memory.
* | Improve loading of seccomp filterLibravatar Topi Miettinen2017-07-30
| | | | | | | | Also fixes a memory leak and double load.
* | Private /lib featureLibravatar Topi Miettinen2017-07-30
| |
* | mergesLibravatar Fred-Barclay2017-07-30
| |
* | mergesLibravatar netblue302017-07-30
| |
* | Merge pull request #1416 from rahiel/telegramLibravatar netblue302017-07-30
|\ \ | |/ |/| telegram is called telegram-desktop in Debian
| * telegram is called telegram-desktop in DebianLibravatar Rahiel Kasim2017-07-30
|/
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar netblue302017-07-29
|\
| * Merge pull request #1411 from SpotComms/armLibravatar Fred Barclay2017-07-29
| |\ | | | | | | Add a profile for arm
| | * Add a profile for armLibravatar Tad2017-07-29
| | |
| * | mergesLibravatar Fred-Barclay2017-07-29
| |/
* / --shell=none fixLibravatar netblue302017-07-29
|/
* mergesLibravatar netblue302017-07-29
|
* mergesLibravatar netblue302017-07-29
|
* Merge pull request #1410 from topimiettinen/seccomp-printLibravatar netblue302017-07-29
|\ | | | | Improve seccomp printing
| * Improve seccomp printingLibravatar Topi Miettinen2017-07-28
| |
* | new profilesLibravatar netblue302017-07-29
| |
* | arp reworkLibravatar netblue302017-07-29
|/
* network testingLibravatar netblue302017-07-27
|
* tentative fix for arp cahce pollution - #1406Libravatar netblue302017-07-27
|
* mergesLibravatar netblue302017-07-27
|
* Merge pull request #1409 from caoliver/masterLibravatar netblue302017-07-27
|\ | | | | Fix typo for fnet moveif invocation on 2nd interface.
| * Fix typo for fnet moveif invocation on 2nd interface.Libravatar Christopher A. Oliver2017-07-27
|/
* Merge pull request #1408 from drzraf/patch-1Libravatar Fred Barclay2017-07-27
|\ | | | | Zoom cache dir
| * Zoom cache dirLibravatar Raphaël Droz2017-07-27
|/ | | | | Zoom seems to use of a QT cache-disk feature which depends upon a ~/.cache/<app>/qmlcache directory. If it can not, Zoom will segfault with mprotect failed in ExecutableAllocator::makeExecutable: Permission denied
* Allow eom and xviewer to write to user's trashLibravatar Fred-Barclay2017-07-27
|
* Updates after mergesLibravatar Fred-Barclay2017-07-27
|
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 10:31:06 +0000