Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | | fix ghostwriter | rusty-snake | 2019-07-28 | |
| | | ||||
* | | fix private-tmp/pam-tmpdir interaction - #2685 | smitsohu | 2019-07-27 | |
| | | ||||
* | | update version table | Reiner Herrmann | 2019-07-26 | |
| | | ||||
* | | Remove private-cache from unzip | glitsj16 | 2019-07-26 | |
|/ | | | The `private-cache` option breaks electron related builds (see [this](https://github.com/minbrowser/min/issues/793) for an example). | |||
* | fix file-roller.profile | rusty-snake | 2019-07-25 | |
| | ||||
* | update private-bin for tbb | rusty-snake | 2019-07-25 | |
| | ||||
* | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2019-07-25 | |
|\ | ||||
| * | fix make scan-build for debian 10 and arch | netblue30 | 2019-07-22 | |
| | | ||||
| * | fix make cppcheck for debian 10 | netblue30 | 2019-07-22 | |
| | | ||||
| * | snap cleanup - #2865 | netblue30 | 2019-07-22 | |
| | | ||||
| * | Update syscalls.txt | rusty-snake | 2019-07-22 | |
| | | | | | | | | | | | | * remove mincore * add @default without chroot * add @default-nodebuggers without chroot | |||
* | | fix whitelisting for homedirs outside /home | smitsohu | 2019-07-25 | |
| | | ||||
* | | fix verbosity for non-authorized user | smitsohu | 2019-07-22 | |
|/ | | | | | | users not in firejail.users should only see the error, not the symlink warning. Also exposes less code to non- authorized users. | |||
* | merges | rusty-snake | 2019-07-18 | |
| | ||||
* | fix gucharmap & add gnome-characters, gnome-character-map | rusty-snake | 2019-07-18 | |
| | ||||
* | use allow-debuggers in spectre-meltdown-checker | rusty-snake | 2019-07-18 | |
| | ||||
* | Harden gnome-schedule | glitsj16 | 2019-07-18 | |
| | | | Let's disable using a terminal for cron job testing by default and make this a whitelist profile. | |||
* | travis ci: add enable-fatal-warnings | smitsohu | 2019-07-18 | |
| | ||||
* | document profile support for allow-debuggers in firejail-profile man page ↵ | Sebastian Hafner | 2019-07-17 | |
| | | | | (#2861) | |||
* | faudit: fix gcc stringop-truncation warning | smitsohu | 2019-07-17 | |
| | ||||
* | packaging badge | netblue30 | 2019-07-16 | |
| | ||||
* | apparmor: minor improvements | Vincent43 | 2019-07-16 | |
| | | | | | | | Use @{PID} consistently. Remove 'deny /proc/** w,' suggestion as it will break all whitelisted entries. | |||
* | check for dir existence before private-* mount | smitsohu | 2019-07-16 | |
| | | | fixes #2859 | |||
* | profile support for allow-debuggers (#2856) | Sebastian Hafner | 2019-07-15 | |
| | ||||
* | apparmor: allow writing to /proc/@{PID}/comm | Vincent43 | 2019-07-14 | |
| | | | | | | This is needed by various electron apps, see: https://github.com/netblue30/firejail/issues/2538 https://github.com/netblue30/firejail/issues/2854 | |||
* | homedirs: turn "informational error" into warning | smitsohu | 2019-07-14 | |
| | ||||
* | don't allow root directory as home | smitsohu | 2019-07-14 | |
| | ||||
* | Merge pull request #2858 from veloute/sn-fix | veloute | 2019-07-13 | |
|\ | | | | | fix seccomp issues with standardnotes-desktop. see issue #2854 | |||
| * | issues with electron-based apps. see issue #2854 | veloute | 2019-07-13 | |
|/ | ||||
* | update version table | Reiner Herrmann | 2019-07-13 | |
| | ||||
* | uniformly mask /home in all private home options | smitsohu | 2019-07-12 | |
| | ||||
* | private-home: remove redundancy | smitsohu | 2019-07-12 | |
| | ||||
* | Merge pull request #2855 from veloute/galc-fix | rusty-snake | 2019-07-12 | |
|\ | | | | | ipc-namespace breaks galculator on archlinux | |||
| * | ipc-namespace breaks galculator on archlinux | veloute | 2019-07-12 | |
| | | ||||
* | | rename some variables so they don't shadow others with same name | Reiner Herrmann | 2019-07-11 | |
| | | | | | | | | via lgtm.com | |||
* | | fix minor issues from lgtm.com | Reiner Herrmann | 2019-07-11 | |
| | | ||||
* | | Merge pull request #2850 from disconnect3d/patch-1 | Reiner Herrmann | 2019-07-11 | |
|\ \ | | | | | | | Update pid.c | |||
| * | | Update pid.c | Disconnect3d | 2019-07-10 | |
| | | | | | | | | | Remove redundant `child` variable in src/lib/pid.c | |||
* | | | Update libpostexecseccomp.c (#2851) | Disconnect3d | 2019-07-11 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update libpostexecseccomp.c Remove `if (size != 0)` condition, which is always true as there is a `if (size <= 0)` condition before. Also note that if the `if (size <= 0)` condition wouldn't be there and `size` would be 0, there would have been an undefined behavior in due to division by zero in `(unsigned short) size / (unsigned short) sizeof(struct sock_filter);`. Found with LGTM: https://lgtm.com/projects/g/netblue30/firejail/snapshot/961c4ca00425b60a7bc8543460031a8ebf3d8aa6/files/src/libpostexecseccomp/libpostexecseccomp.c#x838c24f710410160:1 | |||
* | | | Support media on other drives in youtube-dl.profile | glitsj16 | 2019-07-11 | |
| | | | | | | | | | Thanks to @SkewedZeppelin for catching this, see comments in https://github.com/netblue30/firejail/pull/2584. | |||
* | | | remove duplicate fclose/free | Reiner Herrmann | 2019-07-10 | |
| | | | ||||
* | | | less.profile: make ${HOME} read-only | Vincent43 | 2019-07-10 | |
|/ / | | | | | less is usually used to view various text files including configs so blacklisting many of them in ${HOME} make it less(sic!) usable. We can make them read-only instead. | |||
* | | Add gdb-firejail.sh to contrib for easy debugging of firejail with gdb. | Glenn Washburn | 2019-07-09 | |
| | | ||||
* | | Sort private-bin in obs.profile (#2848) | glitsj16 | 2019-07-09 | |
| | | ||||
* | | Add redirects for mpg123 (#2847) | glitsj16 | 2019-07-09 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Create conplay.profile * Create mpg123.bin.profile * Create mpg123-alsa.profile * Create mpg123-id3dump.profile * Create mpg123-jack.profile * Create mpg123-nas.profile * Create mpg123-openal.profile * Create mpg123-oss.profile * Create mpg123-portaudio.profile * Create mpg123-pulse.profile * Create mpg123-strip.profile * Create out123.profile * Add mpg123 redirects to fireconfig | |||
* | | Merge pull request #2844 from crass/fix-561-trace-appimage | netblue30 | 2019-07-09 | |
|\ \ | | | | | | | Fix issue #561. Refactor/Optimize code to get and use pid and process name. | |||
| * | | Fix issue #561. Refactor/Optimize code to get and use pid and process name. | Glenn Washburn | 2019-07-09 | |
| | | | ||||
* | | | Merge pull request #2843 from crass/fix-2842-extra-appimage-envvars | netblue30 | 2019-07-09 | |
|\ \ \ | | | | | | | | | Add OWD and ARGV0 environment variables. Correctly create APPIMAGE envvar. | |||
| * | | | Add OWD and ARGV0 environment variables. Correctly create APPIMAGE envvar. | Glenn Washburn | 2019-07-09 | |
| |/ / | ||||
* | | | Merge pull request #2845 from smitsohu/homedir2 | netblue30 | 2019-07-09 | |
|\ \ \ | |/ / |/| | | improve support for home directories outside /home |