Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | simplify join timeout | 2019-12-23 | |
| | |||
* | cleanup | 2019-12-23 | |
| | |||
* | make join timeout configurable in firejail.config | 2019-12-23 | |
| | |||
* | let join wait if target sandbox is not ready yet | 2019-12-23 | |
| | | | | fixes #2139 | ||
* | move invalid_sandbox function to join module | 2019-12-22 | |
| | |||
* | fixing the fix | 2019-11-14 | |
| | | | | | get previous commit acbf707889ae241bfd476f5371df4599103b6606 in line with treatment of other directories in /run/firejail/mnt | ||
* | blacklist private-home runtime directory | 2019-11-14 | |
| | | | | | as far as possible avoid creating locations in the file system that are both writable and executable | ||
* | simplify private option ownership checks and make them more consistent | 2019-11-14 | |
| | | | | | | allowing private and home directory to be owned by different users if the home directory is inside /home was thought to add flexibility, but the scenario is maybe a bit too exotic, and ignoring it paves the way for a simplification | ||
* | readme/relnotes updates | 2019-11-13 | |
| | |||
* | Merge pull request #3044 from netblue30/ssh_nc | 2019-11-13 | |
|\ | | | | | RFC: profiles: allow nc in ssh profile by default | ||
| * | profiles: allow nc in ssh profile by default | 2019-11-13 | |
| | | |||
* | | Merge pull request #3037 from vutny/fix-3029 | 2019-11-13 | |
|\ \ | | | | | | | Resolve #3029: drop outdated Skype profile | ||
| * | | Resolve #3029: drop outdated Skype profile | 2019-11-12 | |
| | | | |||
* | | | wine: propose allow-debuggers instead | 2019-11-13 | |
| | | | |||
* | | | harden wine profile | 2019-11-13 | |
| |/ |/| | |||
* | | add signal mediation to apparmor profile | 2019-11-13 | |
| | | | | | | | | second line of defense, as there is always a pid namespace, too | ||
* | | some apparmor profile cleanup | 2019-11-12 | |
| | | | | | | | | | | | | | | | | writing in /run/firejail/profile has always been restricted to root user, and in addition this folder is blacklisted since recently; @{profile_name} is built-in and adds a bit of flexibility; apparmor cannot be used to restrict directory search permission, so add more rules for sensitive paths | ||
* | | Merge branch 'master' of https://github.com/netblue30/firejail | 2019-11-12 | |
|\ \ | |||
| * | | Fix dig.profile on Ubuntu | 2019-11-11 | |
| | | | | | | | | | Fixes #3038. | ||
* | | | blacklist .fscrypt directories | 2019-11-12 | |
| | | | |||
* | | | private-options: add homedir ownership check | 2019-11-12 | |
| | | | |||
* | | | private-cache warning messages - #2968 | 2019-11-12 | |
|/ / | |||
* | | Merge branch 'master' of https://github.com/netblue30/firejail | 2019-11-11 | |
|\| | |||
| * | rework strings.profile | 2019-11-10 | |
| | | | | | | | | close #2988 | ||
* | | tentatively fix k3b profile - #2989 | 2019-11-11 | |
| | | |||
* | | add HAS_NET conditional | 2019-11-11 | |
|/ | |||
* | add kfind profile | 2019-11-09 | |
| | |||
* | fix nano support in git profile | 2019-11-09 | |
| | |||
* | harden baloo | 2019-11-09 | |
| | |||
* | Fix #3024 | 2019-11-08 | |
| | | | | html5, flash and widevine media support unavailable since vivaldi 2.9 | ||
* | dia profile: disable interpreters but allow python | 2019-11-08 | |
| | |||
* | Disabled --overlay for kernels 4.219 and newer until we can bring a fix in | 2019-11-08 | |
| | |||
* | README | 2019-11-08 | |
| | |||
* | Merge pull request #3032 from matu3ba/master | 2019-11-08 | |
|\ | | | | | dia apparently wants access to python and crashes without | ||
| * | dia apparently wants access to python interpreter and environment for ↵ | 2019-11-08 | |
|/ | | | | scripting, even though it is written in C, maybe another fix would be better | ||
* | Update QOwnNotes.profile (#3028) | 2019-11-07 | |
| | | | | | | | | | | | | | * Update QOwnNotes.profile Fix startup problem in Ubuntu 19.10: "bus[17]: D-Bus library appears to be incorrectly set up: see the manual page for dbus-uuidgen to correct this issue. (Failed to open "/var/lib/dbus/machine-id": Datei oder Verzeichnis nicht gefunden; Failed to open "/etc/machine-id": Datei oder Verzeichnis nicht gefunden) D-Bus not built with -rdynamic so unable to print a backtrace" * Update etc/QOwnNotes.profile Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com> | ||
* | dns fixes | 2019-10-31 | |
| | |||
* | testing | 2019-10-31 | |
| | |||
* | testing | 2019-10-31 | |
| | |||
* | gitignore | 2019-10-31 | |
| | |||
* | cleanup after scan-build | 2019-10-31 | |
| | |||
* | remove scan-build warning | 2019-10-31 | |
| | |||
* | Add libdrm to wusc | 2019-10-30 | |
| | |||
* | Move libdrm whitelisting to wusc | 2019-10-30 | |
| | |||
* | Update mpv.profile | 2019-10-30 | |
| | |||
* | Wusc fixes for profiles allowing perl (#3021) | 2019-10-30 | |
| | | | | | | | | | | | | * Grant wusc access to perl in spectre-meltdown.profile * Grant wusc access to perl for exiftool.profile * Grant wusc access to perl for conplay.profile * Grant wusc access to perl for clawsker.profile * Grant wusc access to perl for checkbashisms.profile | ||
* | Slack profile: use temporary cache (#3019) | 2019-10-30 | |
| | | | Fixes #3015 | ||
* | Fix ebook-viewer/calibre on manjaro (#2998) | 2019-10-28 | |
| | | | | | | | | * Fix ebook-viewer on manjaro closes #2996 * Move fix to calibre.profile | ||
* | Rework waterfox profile (#3014) | 2019-10-28 | |
| | | | closes #3013 | ||
* | Update mpv.profile | 2019-10-27 | |
| |