| Commit message (Collapse) | Author | Age | ||
|---|---|---|---|---|
| ... | ||||
| * | | Add barrier profile (#3115) |  Adrian L. Shaw | 2020-01-04 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add barrier.profile * Add newline before special options * Modify description * Add disable mount to barrier.profile * Address feedback from rusty-snake * Remove stray carriage return * Add noexec for /home/user and /tmp * Don't blacklist openssl * Remove redundant rules | |||
| * | | Gentoo fixes (#3120) |  glitsj16 | 2020-01-04 | |
| | | | | | | | | | | | | | | | | | * fix private-etc on gentoo * Fix private-etc on gentoo * Fix evince on gentoo | |||
| * | | update pavucontrol |  rusty-snake | 2020-01-03 | |
| | | | | | | | | | see #3112 | |||
| * | | ${HOME} whitelisting breaks settings in artha | glitsj16 | 2020-01-03 | |
| | | | | | | | More background info in #3112. | |||
| * | | typo (wget) & fix (baobab) [skip ci] | rusty-snake | 2020-01-03 | |
| | | | ||||
| * | | fix #3110 | rusty-snake | 2020-01-03 | |
| | | | ||||
| * | | Get rid of #2302 (#3111) | rusty-snake | 2020-01-03 | |
| | | | ||||
| * | | fixup! Extra hardening for wget | rusty-snake | 2020-01-03 | |
| | | | ||||
| * | | Update README | glitsj16 | 2020-01-03 | |
| | | | ||||
| * | | Fix wusc in mpv (#3108) |  Daniel M. Capella | 2020-01-03 | |
| | | | | | | | Partly fixes #3107. | |||
| * | | Fix wusc in exiftool | glitsj16 | 2020-01-03 | |
| | | | | | | | Arch puts files under /usr/share/perl-image-exiftool, whitelist that path for wusc. | |||
| * | | Fix wusc in weechat | glitsj16 | 2020-01-03 | |
| | | | | | | | Partly fixes #3107 (the weechat part). | |||
| * | | Add artha log to disable-programs.inc | glitsj16 | 2020-01-02 | |
| | | | ||||
| * | | Fix artha | glitsj16 | 2020-01-02 | |
| | | | | | | | I intentionally wanted to have this as a 'whitelist' profile. The only snag is that artha seems to generate ${HOME}/.config/artha.config.XXXXXX that I cannot whitelist upfront. Added notes to highlight this behaviour. | |||
| * | | Extra hardening for wget | glitsj16 | 2020-01-02 | |
| | | | ||||
| * | | Additional hardening for whois | glitsj16 | 2020-01-02 | |
| | | | ||||
| * | | Harden artha.profile | glitsj16 | 2020-01-02 | |
| | | | ||||
| * | | Harden aria2c.profile | glitsj16 | 2020-01-02 | |
| | | | ||||
| * | | Future-proof private-lib in gedit.profile | glitsj16 | 2020-01-02 | |
| | | | | | | | Better fix for #3104 . | |||
| * | | tests: drop shm from whitelist-dev test as it can contain many files |  Reiner Herrmann | 2020-01-02 | |
| | | | ||||
| * | | Fix #3105 -- add allow-ruby.inc | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | tests: use pid 1, which will also exist in containers | Reiner Herrmann | 2020-01-02 | |
| | | | ||||
| * | | tests: wait until sandbox is shutdown before running next command | Reiner Herrmann | 2020-01-02 | |
| | | | ||||
| * | | gitlab-ci: it's actually the redhat test that was failing | Reiner Herrmann | 2020-01-02 | |
| | | | ||||
| * | | fix gnome-maps | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | fix celluloid | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | harden whois.profile | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | Harden openshot | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | gnome-builder: fix build cache | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | Harden wget.profile | rusty-snake | 2020-01-02 | |
| | | | ||||
| * | | gitlab-ci: disable continuously failing fedora test | Reiner Herrmann | 2020-01-01 | |
| | | | ||||
| * | | gitlab-ci: drop debian patches before building, as they might conflict | Reiner Herrmann | 2020-01-01 | |
| | | | ||||
| * | | Fix private-lib in gedit.profile | glitsj16 | 2020-01-01 | |
| | | | | | | | Fixes #3104. | |||
| * | | Make ${HOME}/.config/environment.d read-only | rusty-snake | 2019-12-30 | |
| | | | ||||
| * | | spelling fix | Reiner Herrmann | 2019-12-30 | |
| | | | ||||
| * | | include m4 directory in source archive | Reiner Herrmann | 2019-12-30 | |
| |/ | ||||
| * | Harden file-roller | rusty-snake | 2019-12-29 | |
| | | ||||
| * | disable-devel: blacklist source-code | rusty-snake | 2019-12-29 | |
| | | ||||
| * | Add appimage fix to electrum.profile | glitsj16 | 2019-12-29 | |
| | | ||||
| * | Merge pull request #3097 from glitsj16/firecfg |  netblue30 | 2019-12-26 | |
| |\ | | | | | Drop CLI archivers from firecfg | |||
| | * | Drop CLI archivers from firecfg | glitsj16 | 2019-12-26 | |
| | | | | | | | More research/testing is needed to make CLI-based archivers work on Arch (based distributions). See ongoing discussion in #3095. | |||
| * | | Update private-bin in tar.profile | glitsj16 | 2019-12-26 | |
| | | | ||||
| * | | Add login.defs to private-etc | glitsj16 | 2019-12-26 | |
| |/ | ||||
| * | Merge pull request #3093 from smitsohu/join |  smitsohu | 2019-12-25 | |
| |\ | | | | | add join timeout and make it configurable | |||
| | * | let is_ready_for_join() return a boolean | smitsohu | 2019-12-23 | |
| | | | ||||
| | * | simplify join timeout | smitsohu | 2019-12-23 | |
| | | | ||||
| | * | cleanup | smitsohu | 2019-12-23 | |
| | | | ||||
| | * | make join timeout configurable in firejail.config | smitsohu | 2019-12-23 | |
| | | | ||||
| | * | let join wait if target sandbox is not ready yet | smitsohu | 2019-12-23 | |
| | | | | | | | | | fixes #2139 | |||
| | * | move invalid_sandbox function to join module | smitsohu | 2019-12-22 | |
| | | | ||||
 |
index : firejail | |
| Mirror of https://github.com/netblue30/firejail | Firejail Authors |
| aboutsummaryrefslogtreecommitdiffstats |