aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* simplify join timeoutLibravatar smitsohu2019-12-23
|
* cleanupLibravatar smitsohu2019-12-23
|
* make join timeout configurable in firejail.configLibravatar smitsohu2019-12-23
|
* let join wait if target sandbox is not ready yetLibravatar smitsohu2019-12-23
| | | | fixes #2139
* move invalid_sandbox function to join moduleLibravatar smitsohu2019-12-22
|
* fixing the fixLibravatar smitsohu2019-11-14
| | | | | get previous commit acbf707889ae241bfd476f5371df4599103b6606 in line with treatment of other directories in /run/firejail/mnt
* blacklist private-home runtime directoryLibravatar smitsohu2019-11-14
| | | | | as far as possible avoid creating locations in the file system that are both writable and executable
* simplify private option ownership checks and make them more consistentLibravatar smitsohu2019-11-14
| | | | | | allowing private and home directory to be owned by different users if the home directory is inside /home was thought to add flexibility, but the scenario is maybe a bit too exotic, and ignoring it paves the way for a simplification
* readme/relnotes updatesLibravatar netblue302019-11-13
|
* Merge pull request #3044 from netblue30/ssh_ncLibravatar netblue302019-11-13
|\ | | | | RFC: profiles: allow nc in ssh profile by default
| * profiles: allow nc in ssh profile by defaultLibravatar Reiner Herrmann2019-11-13
| |
* | Merge pull request #3037 from vutny/fix-3029Libravatar netblue302019-11-13
|\ \ | | | | | | Resolve #3029: drop outdated Skype profile
| * | Resolve #3029: drop outdated Skype profileLibravatar Denys Havrysh2019-11-12
| | |
* | | wine: propose allow-debuggers insteadLibravatar smitsohu2019-11-13
| | |
* | | harden wine profileLibravatar smitsohu2019-11-13
| |/ |/|
* | add signal mediation to apparmor profileLibravatar smitsohu2019-11-13
| | | | | | | | second line of defense, as there is always a pid namespace, too
* | some apparmor profile cleanupLibravatar smitsohu2019-11-12
| | | | | | | | | | | | | | | | writing in /run/firejail/profile has always been restricted to root user, and in addition this folder is blacklisted since recently; @{profile_name} is built-in and adds a bit of flexibility; apparmor cannot be used to restrict directory search permission, so add more rules for sensitive paths
* | Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-11-12
|\ \
| * | Fix dig.profile on UbuntuLibravatar glitsj162019-11-11
| | | | | | | | | Fixes #3038.
* | | blacklist .fscrypt directoriesLibravatar smitsohu2019-11-12
| | |
* | | private-options: add homedir ownership checkLibravatar smitsohu2019-11-12
| | |
* | | private-cache warning messages - #2968Libravatar smitsohu2019-11-12
|/ /
* | Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-11-11
|\|
| * rework strings.profileLibravatar rusty-snake2019-11-10
| | | | | | | | close #2988
* | tentatively fix k3b profile - #2989Libravatar smitsohu2019-11-11
| |
* | add HAS_NET conditionalLibravatar smitsohu2019-11-11
|/
* add kfind profileLibravatar smitsohu2019-11-09
|
* fix nano support in git profileLibravatar smitsohu2019-11-09
|
* harden balooLibravatar smitsohu2019-11-09
|
* Fix #3024Libravatar rusty-snake2019-11-08
| | | | html5, flash and widevine media support unavailable since vivaldi 2.9
* dia profile: disable interpreters but allow pythonLibravatar netblue302019-11-08
|
* Disabled --overlay for kernels 4.219 and newer until we can bring a fix inLibravatar netblue302019-11-08
|
* READMELibravatar netblue302019-11-08
|
* Merge pull request #3032 from matu3ba/masterLibravatar netblue302019-11-08
|\ | | | | dia apparently wants access to python and crashes without
| * dia apparently wants access to python interpreter and environment for ↵Libravatar Jan2019-11-08
|/ | | | scripting, even though it is written in C, maybe another fix would be better
* Update QOwnNotes.profile (#3028)Libravatar Niklas Goerke2019-11-07
| | | | | | | | | | | | | * Update QOwnNotes.profile Fix startup problem in Ubuntu 19.10: "bus[17]: D-Bus library appears to be incorrectly set up: see the manual page for dbus-uuidgen to correct this issue. (Failed to open "/var/lib/dbus/machine-id": Datei oder Verzeichnis nicht gefunden; Failed to open "/etc/machine-id": Datei oder Verzeichnis nicht gefunden) D-Bus not built with -rdynamic so unable to print a backtrace" * Update etc/QOwnNotes.profile Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
* dns fixesLibravatar netblue302019-10-31
|
* testingLibravatar netblue302019-10-31
|
* testingLibravatar netblue302019-10-31
|
* gitignoreLibravatar netblue302019-10-31
|
* cleanup after scan-buildLibravatar netblue302019-10-31
|
* remove scan-build warningLibravatar netblue302019-10-31
|
* Add libdrm to wuscLibravatar glitsj162019-10-30
|
* Move libdrm whitelisting to wuscLibravatar glitsj162019-10-30
|
* Update mpv.profileLibravatar rusty-snake2019-10-30
|
* Wusc fixes for profiles allowing perl (#3021)Libravatar glitsj162019-10-30
| | | | | | | | | | | | * Grant wusc access to perl in spectre-meltdown.profile * Grant wusc access to perl for exiftool.profile * Grant wusc access to perl for conplay.profile * Grant wusc access to perl for clawsker.profile * Grant wusc access to perl for checkbashisms.profile
* Slack profile: use temporary cache (#3019)Libravatar Denys Havrysh2019-10-30
| | | Fixes #3015
* Fix ebook-viewer/calibre on manjaro (#2998)Libravatar rusty-snake2019-10-28
| | | | | | | | * Fix ebook-viewer on manjaro closes #2996 * Move fix to calibre.profile
* Rework waterfox profile (#3014)Libravatar rusty-snake2019-10-28
| | | closes #3013
* Update mpv.profileLibravatar rusty-snake2019-10-27
|
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-05 15:13:40 +0000