Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | tests: make sure needed directories exist | 2018-08-15 | |
| | |||
* | improve detection of symbolic links | 2018-08-15 | |
| | |||
* | fix NP deref | 2018-08-15 | |
| | | | | private-home and private-bin are included just for consistency | ||
* | wireshark.profile: enable apparmor | 2018-08-15 | |
| | |||
* | apparmor: cleanup duplicate rules | 2018-08-15 | |
| | | | Those are already covered with https://github.com/netblue30/firejail/blob/0.9.56-rc1/etc/firejail-default#L33 | ||
* | apparmor: allow execution from /usr/lib64 | 2018-08-15 | |
| | | | /usr/lib64 was missing from execution whitelist and it's used in openSUSE, see https://github.com/netblue30/firejail/issues/2078 | ||
* | Merge pull request #2081 from SkewedZeppelin/descriptions | 2018-08-14 | |
|\ | | | | | Add descriptions to profiles | ||
| * | Cleanup descriptions | 2018-08-13 | |
| | | |||
| * | Add descriptions to profiles, pulled from Arch Linux | 2018-08-13 | |
| | | |||
| * | Add descriptions to profiles, pulled from Ubuntu 18.04 | 2018-08-13 | |
| | | |||
* | | spotify.profile: remove /sys from blacklist | 2018-08-14 | |
| | | | | | | Blacklisting whole /sys is too restrictive, it may break various graphics stacks, see https://github.com/netblue30/firejail/issues/2080 | ||
* | | Add seccomp line from firefox-common to Tor Browser profiles | 2018-08-14 | |
|/ | | | | - The next version of TBB is based on Firefox 60 and will need the same changes to prevent breakage | ||
* | Add profile for electrum0.9.56-rc1 | 2018-08-13 | |
| | | | | + minor nitpicks to beaker.profile | ||
* | Merges | 2018-08-12 | |
| | |||
* | Merge pull request #2079 from flacks/profiles/beaker | 2018-08-12 | |
|\ | | | | | Add Beaker browser | ||
| * | Add Beaker browser | 2018-08-12 | |
|/ | |||
* | various small improvements, fixes, nitpicks | 2018-08-11 | |
| | |||
* | clear all warnings from cppcheck static code analysis | 2018-08-11 | |
| | | | | obtained with: cppcheck --enable=warning --force --inconclusive --quiet ~/firejail/src | ||
* | release 0.9.56~rc1 testing | 2018-08-11 | |
| | |||
* | xdg macro: silence resolve messages unless arg_debug | 2018-08-10 | |
| | |||
* | Replace all possible HTTP links with HTTPS | 2018-08-08 | |
| | |||
* | Minor private-etc cleanup | 2018-08-08 | |
| | | | | Command: grep "private-etc none," -Ril . | ||
* | Stop breaking PKI with private-etc | 2018-08-08 | |
| | | | | | Command: grep "crypto-policies" -iL $(grep "private-etc" -il $(grep "inet,inet6" . -Rl)) + fixes for #2077 | ||
* | Merges | 2018-08-08 | |
| | | | | | + a fix for Totem + and a bit missed from 3c2a7e4c91aa030218b5ad7fa6291d16f1d51b53 | ||
* | Merge pull request #2076 from Freso/additional-vim-profiles | 2018-08-08 | |
|\ | | | | | Add various `vim` related profiles | ||
| * | Add various `vim` related profiles | 2018-08-08 | |
|/ | |||
* | xdg macro testing | 2018-08-07 | |
| | |||
* | xdg support: split xdg whitelist code in a different module | 2018-08-07 | |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-08-04 | |
|\ | |||
| * | indentation fix | 2018-08-04 | |
| | | |||
| * | automatically trim trailing slashes for whitelisting, fix mountinfo test | 2018-08-04 | |
| | | | | | | | | | | | | Command-line autocompletion adds a trailing slash to directories, which leads to a usability problem for whitelisting. So before doing any path validation it is attempted to trim trailing slashes and dots. | ||
* | | --ignore cleanup | 2018-08-04 | |
|/ | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-08-02 | |
|\ | |||
| * | Check tmp1 and tmp2 for NULL before passing to parse_nowhitelist (thanks ↵ | 2018-08-02 | |
| | | | | | | | | @smitsohu!) | ||
* | | port whitelist path creation to "at" family of functions | 2018-08-02 | |
| | | |||
* | | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-08-01 | |
|\| | |||
| * | Fixed Documents handling (consume trailing /) and hide XDG warnings unless ↵ | 2018-07-31 | |
| | | | | | | | | --debug is enabled. | ||
| * | Check to see if expand_home is called as root and switch to user (and ↵ | 2018-07-31 | |
| | | | | | | | | restore root at the end) | ||
| * | Sound fixes | 2018-07-31 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Adds machine-id to all profiles with 'private-etc *pulse*' - This fixes sound under many profiles - This is related to #2037, except this adds etc machine-id not spoofed machine-id - Spoofed machine-id seems to break pulseaudio on some systems - We already do this in profiles like firefox-common (see the note in it) - pulseaudio's enable-shm set to yes or no doesn't fix this issue on systems where it occurs - We can revert this in the future if we find a fix - Command used: grep -e music -e videos -e audio -e pulse -e asound -il $(grep "machine-id" -iL $(grep "private-etc" . -Rl)) | ||
| * | Add XDG variable support to blacklist and read-only. | 2018-07-31 | |
| | | |||
* | | enhance safe_fd function so it can digest arbitrary pathnames | 2018-08-01 | |
|/ | |||
* | Merges | 2018-07-30 | |
| | |||
* | Disable private-etc for xviewer.profile | 2018-07-29 | |
| | | | | - Breaks xviewer under Fedora 28 Cinnamon | ||
* | line counter | 2018-07-27 | |
| | |||
* | removed compile time --enable-network=restricted, --net=none allowed even if ↵ | 2018-07-26 | |
| | | | | networking was disabled at compile time or at run time, fixed issue #2061 | ||
* | Document #1945 | 2018-07-25 | |
| | |||
* | Document that nodbus breaks Ubuntu titlebar menu (#1942) | 2018-07-25 | |
| | |||
* | Merges | 2018-07-25 | |
| | |||
* | created flameshot profile (#2063) | 2018-07-25 | |
| | | | | | | | | * created flameshot profile * made requested changes * private-etc fixed | ||
* | fix --net=wlan | 2018-07-25 | |
| |