aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* move copyright statement to 2018Libravatar startx20172018-01-14
|
* Add a profile for PitiviLibravatar Tad2018-01-12
|
* fs_lib: don't ldd directories, part 2Libravatar Topi Miettinen2018-01-10
|
* fs_lib: don't ldd directoriesLibravatar Topi Miettinen2018-01-10
|
* disable qml disk cache globallyLibravatar smitsohu2018-01-08
|
* Fixup b9846aed427487f5acc764eb21369b0c9cb2b41aLibravatar Tad2018-01-04
|
* Add a Firefox profile alias for Firefox Developer EditionLibravatar Tad2018-01-04
|
* mergesLibravatar netblue302018-01-03
|
* improve theming support (kvantum, qt5ct) - #1540Libravatar smitsohu2018-01-02
|
* Merge pull request #1701 from bn0785ac/masterLibravatar netblue302018-01-02
|\ | | | | tor flavours
| * TBB pt-br fixupLibravatar Tad2018-01-01
| |
| * Simplfy locale specific Tor Browser profilesLibravatar Tad2018-01-01
| |
| * tor flavoursLibravatar Your Name2017-12-30
| |
* | optimize default seccomp filtersLibravatar netblue302018-01-02
| |
* | Merge pull request #1710 from bitfreak25/masterLibravatar SpotComms2018-01-01
|\ \ | | | | | | Add profile for "playonlinux"
| * | Add profile for "playonlinux"Libravatar bitfreak252018-01-01
| | | | | | | | | | | | | | | | | | | | | This profile have been successfully tested by starting a windows application through it. "wine.profile" has been used as template for this. Only "noblacklist ${PATH}/nc" has been added because playonlinux needs it to run. Please note that this is currently not tested due to security aspects, so it may need a rework later on. Because opening a unknown windows application through it could possibly be a security risk.
* | | Merge pull request #1708 from bitfreak25/masterLibravatar SpotComms2018-01-01
|\| | | | | | | | Fix #1702 - Couldn't start 'minetest' in Debian Testing
| * | Fixup fix for #1702Libravatar Tad2018-01-01
| | |
| * | Fix #1702 - Couldn't start 'minetest' in Debian TestingLibravatar bitfreak252018-01-01
| |/ | | | | This removes the "private-etc" line from the "minetest"-profile for a successfully start of the game.
* | Merge pull request #1706 from sgtpep/patch-5Libravatar Fred Barclay2017-12-31
|\ \ | | | | | | Blacklist the Dash Core wallet directory
| * | Blacklist the Dash wallet directoryLibravatar Danil Semelenov2017-12-31
|/ /
* | Merge pull request #1704 from bitfreak25/patch-1Libravatar Fred Barclay2017-12-30
|\ \ | |/ |/| Add "sylpheed" to profiles
| * Add "sylpheed" to profilesLibravatar bitfreak252017-12-30
|/ | | This profile have been successfully tested by sending and receiving an Email. "claws-mail.profile" has been used as template for this.
* READMELibravatar smitsohu2017-12-30
|
* Merge pull request #1700 from bn0785ac/masterLibravatar smitsohu2017-12-30
|\ | | | | inox edgy flavours fix (doesnt work history and extensions)
| * inox edgy flavoursLibravatar Your Name2017-12-30
|/
* firemon --tree fixLibravatar startx20172017-12-29
|
* Fix #1690 - qbittorrent doesn't launch on some Arch and Mint 17.3 systemsLibravatar Fred Barclay2017-12-28
|
* testingLibravatar netblue302017-12-28
|
* replacing seccomp printing with a seccomp disassemblerLibravatar netblue302017-12-28
|
* Add netlink and noblacklist openssl to teamspeak3 profile - potential fix ↵Libravatar Fred-Barclay2017-12-27
| | | | for #1695
* adding basilisk profile - #1693Libravatar netblue302017-12-27
|
* Merge branch 'master' of http://github.com/netblue30/firejailLibravatar netblue302017-12-27
|\
| * Merge pull request #1697 from sgtpep/patch-4Libravatar netblue302017-12-27
| |\ | | | | | | Blacklist the monero wallets directory
| | * Blacklist the monero wallets directoryLibravatar Danil Semelenov2017-12-27
| | | | | | | | | ~/Monero/wallets is the default path suggested by the official wallet application, but it can be changed by user.
| * | Merge pull request #1696 from sgtpep/patch-3Libravatar netblue302017-12-27
| |\ \ | | |/ | |/| Blacklist ~/.ethereum
| | * Blacklist ~/.ethereumLibravatar Danil Semelenov2017-12-27
| |/
* / fix private-dev for Jack Audio setups - #1694Libravatar netblue302017-12-27
|/
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar Fred-Barclay2017-12-24
|\
| * Fix #1686: comment out icedove dirs and don't attempt to mkdir ↵Libravatar Fred Barclay2017-12-23
| | | | | | | | /home/fred/.icedove to avoid clash with Thunderbird on Debian systems.
* | Fix #1686: comment out icedove dirs and don't attempt to mkdir ~/.icedove to ↵Libravatar Fred Barclay2017-12-24
|/ | | | avoid clash with Thunderbird on Debian systems.
* Merge pull request #1691 from DiGitHubCap/masterLibravatar Fred Barclay2017-12-22
|\ | | | | Fix Deluge
| * Fix DelugeLibravatar DiGitHubCap2017-12-22
| | | | | | | | | | Deluge needs access to more than the deluge binary if it runs as a daemon (or if you want to access it via the web or command line)
* | kwin_x11 fixesLibravatar smitsohu2017-12-22
| |
* | Merge pull request #1687 from floxo/masterLibravatar smitsohu2017-12-22
|\ \ | | | | | | Added environment variable QML_DISABLE_DISK_CACHE=1 to okular.profile.
| * | Added environment variable QML_DISABLE_DISK_CACHE=1 to okular.profile.Libravatar Flox2017-12-21
| |/ | | | | | | | | | | | | | | Without it, recent okular versions (here 17.12.0-1 on Arch Linux) crash with mprotect failed in ExecutableAllocator::makeExecutable: Permission denied due to the noexec constraints in the firejail profile.
* | Add iana-etc's services to private-etc in steam.profile, fixes #1688Libravatar Tad2017-12-22
| |
* | Merge pull request #1689 from gerasiov/masterLibravatar Fred Barclay2017-12-22
|\ \ | |/ |/| disable-common.inc: read-only access to ~/.ssh/authorized_keys
| * disable-common.inc: read-only access to ~/.ssh/authorized_keysLibravatar Alexander GQ Gerasiov2017-12-22
|/ | | | | | | | | | | | | | | disable-common.inc blacklists whole .ssh, but some profiles (e.g. idea.sh) unblacklists it to allow git over ssh with public key auth. But this creates security hole, since firejailed app could modify ~/.ssh/authorized_keys and allow arbitrary code execution on the host with sshd installed (e.g. ssh localhost and run any program) or even open backdoor for remote attacker. This commits disallows write access to ~/.ssh/authorized_keys even if .ssh was unblacklisted. Signed-off-by: Alexander GQ Gerasiov <gq@cs.msu.su>
* firemon fixesLibravatar netblue302017-12-18
|
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-05 12:22:36 +0000