Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | cleanup | 2018-08-29 | |
| | |||
* | apparmor: cleanup /home path | 2018-08-29 | |
| | |||
* | cleanup | 2018-08-29 | |
| | |||
* | silence warning about failed unmounting of /sys (overlay options) | 2018-08-29 | |
| | |||
* | cleanup | 2018-08-28 | |
| | |||
* | Revert "improve --chroot directory check" | 2018-08-28 | |
| | | | | | | this was unnecessary This reverts commit 0c2cbf05aa9553fbf5c90fb69928f2b276fead8b. | ||
* | improve --chroot directory check | 2018-08-28 | |
| | |||
* | fix private-tmp and private-dev in fbuilder | 2018-08-28 | |
| | |||
* | Merge branch 'master' of http://github.com/netblue30/firejail | 2018-08-28 | |
|\ | |||
| * | spotify.profile: allow /etc/hosts | 2018-08-28 | |
| | | |||
| * | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-08-28 | |
| |\ | |||
| * | | fix and harden overlay options | 2018-08-28 | |
| | | | |||
* | | | fbuider cleanup | 2018-08-28 | |
| |/ |/| | |||
* | | memory leaks | 2018-08-28 | |
| | | |||
* | | apparmor: disable exec from home by default | 2018-08-27 | |
| | | | | | | Executing from /home was supposed to be disabled by default | ||
* | | apparmor: improve rules for filesystem access | 2018-08-27 | |
|/ | | | | | * Make clear distinction for read, write and execute. * Don't allow write and execute at the same time. * Simplify and improve syntax to catch more exceptions with fewer rules | ||
* | Add private-bin to 0ad | 2018-08-26 | |
| | |||
* | allow system users to run the sandbox | 2018-08-26 | |
| | |||
* | support for local user directories in firecfg (--bindir) | 2018-08-25 | |
| | |||
* | cleanup, small improvements | 2018-08-25 | |
| | |||
* | Add python program to more easily debug profiles | 2018-08-24 | |
| | | | | | Should help with issues like #1946 where the user needs to comment out all profile lines and then re-enable them individually to test | ||
* | Fixup obs.profile (no python) | 2018-08-23 | |
| | |||
* | Merges | 2018-08-23 | |
| | |||
* | Create pybitmessage.profile (#2092) | 2018-08-23 | |
| | | | tested on fedora-28 with pybitmessage 0.6.3.2 | ||
* | Merge pull request #2094 from 1dnrr/patch-3 | 2018-08-23 | |
|\ | | | | | Update disable-common.inc | ||
| * | Update disable-common.inc | 2018-08-23 | |
|/ | |||
* | Misc fixes | 2018-08-22 | |
| | |||
* | fix microphone in slack profile - #2034 | 2018-08-23 | |
| | |||
* | removed --disable-bind configuration option; some ohter minor cleanup | 2018-08-22 | |
| | |||
* | relax restrictions imposed on filesystem log (fslogger) in ↵ | 2018-08-22 | |
| | | | | ec7f59b8d370c29bd229fa9124640611c0667159 | ||
* | close private-cache memleak | 2018-08-22 | |
| | |||
* | drop privs when permissions are changed in /run/user/$UID | 2018-08-22 | |
| | |||
* | Update steam.profile to support proton/steamplay | 2018-08-21 | |
| | |||
* | refactor, check the sandbox status for all join options | 2018-08-20 | |
| | |||
* | Document how to access local mail with thunderbird and claws-mail (fixes #1509) | 2018-08-20 | |
| | |||
* | Simplify fix for #2062 | 2018-08-20 | |
| | |||
* | fix check for find_child return value (bandwidth.c, netfilter.c) | 2018-08-20 | |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-08-19 | |
|\ | |||
| * | Add a profile for ClamTK | 2018-08-19 | |
| | | |||
| * | Minor steam.profile fixup from downstream ParrotSec fork | 2018-08-19 | |
| | | |||
| * | Fixup f9aeac080a830fc1aaf07f0beff781a1ed7e42ad | 2018-08-19 | |
| | | |||
* | | check privileges for dns.print | 2018-08-19 | |
| | | |||
* | | fix also the second instance of pid_get_uid | 2018-08-19 | |
|/ | |||
* | fix pid_get_uid for the root user | 2018-08-19 | |
| | |||
* | qutebrowser.profile: noblacklist /usr/lib/llvm | 2018-08-19 | |
| | | | Fixes https://github.com/netblue30/firejail/issues/2087 | ||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-08-19 | |
|\ | |||
| * | Warn when /usr/local/bin/<program> already exists and is not a symlink ↵ | 2018-08-19 | |
| | | | | | | | | (fixes #667) | ||
| * | Revert "apparmor fix: somehow it cannot find the firejail profile to load it" | 2018-08-19 | |
| | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 949a221a1b92e422e6dcb7ea6089ed5c8d5cc22a. The 'firejail-default' is the name of 'unnatached' profile not path to it. Moreover names starting with '/' are changing profile type back to 'standard' which in this case means we literally create profile for the profile file itself '/etc/apparmor.d/firejail-default'. That means firejail would never load this profile to contain any app thus we have to revert this. For more info, see https://www.suse.com/documentation/sles-15/singlehtml/book_security/book_security.html#sec.apparmor.profiles.types.unattached | ||
* | | small enhancement to join.c (ready-for-join is always a regular file) | 2018-08-19 | |
|/ | |||
* | Fix for #2062 | 2018-08-19 | |
| |