Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | apparmor: disable exec from home by default | Vincent43 | 2018-08-27 |
| | | | Executing from /home was supposed to be disabled by default | ||
* | apparmor: improve rules for filesystem access | Vincent43 | 2018-08-27 |
| | | | | | * Make clear distinction for read, write and execute. * Don't allow write and execute at the same time. * Simplify and improve syntax to catch more exceptions with fewer rules | ||
* | Add private-bin to 0ad | Fred-Barclay | 2018-08-26 |
| | |||
* | allow system users to run the sandbox | netblue30 | 2018-08-26 |
| | |||
* | support for local user directories in firecfg (--bindir) | netblue30 | 2018-08-25 |
| | |||
* | cleanup, small improvements | smitsohu | 2018-08-25 |
| | |||
* | Add python program to more easily debug profiles | Fred-Barclay | 2018-08-24 |
| | | | | | Should help with issues like #1946 where the user needs to comment out all profile lines and then re-enable them individually to test | ||
* | Fixup obs.profile (no python) | Tad | 2018-08-23 |
| | |||
* | Merges | Tad | 2018-08-23 |
| | |||
* | Create pybitmessage.profile (#2092) | 1dnrr | 2018-08-23 |
| | | | tested on fedora-28 with pybitmessage 0.6.3.2 | ||
* | Merge pull request #2094 from 1dnrr/patch-3 | smitsohu | 2018-08-23 |
|\ | | | | | Update disable-common.inc | ||
| * | Update disable-common.inc | 1dnrr | 2018-08-23 |
|/ | |||
* | Misc fixes | Tad | 2018-08-22 |
| | |||
* | fix microphone in slack profile - #2034 | smitsohu | 2018-08-23 |
| | |||
* | removed --disable-bind configuration option; some ohter minor cleanup | startx2017 | 2018-08-22 |
| | |||
* | relax restrictions imposed on filesystem log (fslogger) in ↵ | smitsohu | 2018-08-22 |
| | | | | ec7f59b8d370c29bd229fa9124640611c0667159 | ||
* | close private-cache memleak | smitsohu | 2018-08-22 |
| | |||
* | drop privs when permissions are changed in /run/user/$UID | smitsohu | 2018-08-22 |
| | |||
* | Update steam.profile to support proton/steamplay | Tad | 2018-08-21 |
| | |||
* | refactor, check the sandbox status for all join options | smitsohu | 2018-08-20 |
| | |||
* | Document how to access local mail with thunderbird and claws-mail (fixes #1509) | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-08-20 |
| | |||
* | Simplify fix for #2062 | Tad | 2018-08-20 |
| | |||
* | fix check for find_child return value (bandwidth.c, netfilter.c) | smitsohu | 2018-08-20 |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2018-08-19 |
|\ | |||
| * | Add a profile for ClamTK | Tad | 2018-08-19 |
| | | |||
| * | Minor steam.profile fixup from downstream ParrotSec fork | Tad | 2018-08-19 |
| | | |||
| * | Fixup f9aeac080a830fc1aaf07f0beff781a1ed7e42ad | Tad | 2018-08-19 |
| | | |||
* | | check privileges for dns.print | smitsohu | 2018-08-19 |
| | | |||
* | | fix also the second instance of pid_get_uid | smitsohu | 2018-08-19 |
|/ | |||
* | fix pid_get_uid for the root user | smitsohu | 2018-08-19 |
| | |||
* | qutebrowser.profile: noblacklist /usr/lib/llvm | Vincent43 | 2018-08-19 |
| | | | Fixes https://github.com/netblue30/firejail/issues/2087 | ||
* | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2018-08-19 |
|\ | |||
| * | Warn when /usr/local/bin/<program> already exists and is not a symlink ↵ | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-08-19 |
| | | | | | | | | (fixes #667) | ||
| * | Revert "apparmor fix: somehow it cannot find the firejail profile to load it" | Vincent43 | 2018-08-19 |
| | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 949a221a1b92e422e6dcb7ea6089ed5c8d5cc22a. The 'firejail-default' is the name of 'unnatached' profile not path to it. Moreover names starting with '/' are changing profile type back to 'standard' which in this case means we literally create profile for the profile file itself '/etc/apparmor.d/firejail-default'. That means firejail would never load this profile to contain any app thus we have to revert this. For more info, see https://www.suse.com/documentation/sles-15/singlehtml/book_security/book_security.html#sec.apparmor.profiles.types.unattached | ||
* | | small enhancement to join.c (ready-for-join is always a regular file) | smitsohu | 2018-08-19 |
|/ | |||
* | Fix for #2062 | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-08-19 |
| | |||
* | fix failing travis build (make no assumptions about C standard) | smitsohu | 2018-08-19 |
| | | | | plus function rename | ||
* | man: fix example for --build command | Reiner Herrmann | 2018-08-19 |
| | |||
* | Merge branch 'master' of http://github.com/netblue30/firejail | netblue30 | 2018-08-19 |
|\ | |||
| * | fix issue with join option | smitsohu | 2018-08-19 |
| | | |||
* | | apparmor fix: somehow it cannot find the firejail profile to load it | netblue30 | 2018-08-19 |
| | | |||
* | | minor cleanup | netblue30 | 2018-08-19 |
|/ | |||
* | tests: increase some timeouts in which I was running | Reiner Herrmann | 2018-08-16 |
| | |||
* | tests: make top output independent of username, which could be too long | Reiner Herrmann | 2018-08-16 |
| | |||
* | Unlink files at end | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-08-16 |
| | |||
* | Generate temporary filenames instead of using a fixed one (fixes #2083) | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-08-16 |
| | |||
* | harden private-home mounting, small improvements | smitsohu | 2018-08-16 |
| | |||
* | tests: skip fs_dev_shm.exp if /dev/shm is not writable | Reiner Herrmann | 2018-08-15 |
| | |||
* | tests: make sure needed directories exist | Reiner Herrmann | 2018-08-15 |
| | |||
* | improve detection of symbolic links | smitsohu | 2018-08-15 |
| |