aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* harden bsdtar profile (net none, x11 none)Libravatar smitsohu2019-06-29
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-06-28
|\
| * Add fonts to private-etc in udiskie profileLibravatar Jose Riha2019-06-28
| | | | | | | | This prevents from seeing Fontconfig error in udiskie output.
| * Streamline redirect profiles (follow-up) (#2803)Libravatar glitsj162019-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3)
| * Streamline redirect profiles (#2802)Libravatar glitsj162019-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirct profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profile * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles
| * Fixup 1cc468607637da1144b2d75be25dea348010c5d5Libravatar Tad2019-06-27
| |
| * profiles: add two aliases for existing gamesLibravatar Tad2019-06-27
| |
| * Fix private-bin order in jerryLibravatar glitsj162019-06-27
| |
| * Fix placing of jerryLibravatar glitsj162019-06-27
| |
| * Add profile for jerry chessLibravatar Fred Barclay2019-06-26
| |
| * Hardening a few profiles (#2800)Libravatar glitsj162019-06-26
| | | | | | | | | | | | | | | | | | | | * Harden curl.profile * Harden dnscrypt-proxy.profile * Harden unbound.profile * Harden unbound.profile
| * whitespace fixLibravatar rusty-snake2019-06-26
| |
| * testing for -fstack-clash-protection and -fstack-protector-strong compile flagsLibravatar netblue302019-06-26
| |
| * Silence xauth output in src/firejail/x11.c (#2796)Libravatar glitsj162019-06-26
| | | | | | | | | | | | | | | | | | | | * Fix typo's and install instructions for Arch * Try to silence xauth output Fixes https://github.com/netblue30/firejail/issues/2787. * Conditionally silence xauth output in x11 options
| * docs update: pkg-config package required on Debian/Ubuntu when running ↵Libravatar netblue302019-06-25
| | | | | | | | ./configure --apparmor
| * Tighten SSH with nodbus (#2789)Libravatar glitsj162019-06-24
| | | | | | | | | | | | * nodbus for ssh-agent * nodbus for ssh.profile
| * Improve profile PRs (Related to #2739) (#2784)Libravatar rusty-snake2019-06-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add contrib/sort.py and .github/pull_request_temp… * Add usage to sort.py * Install sort.py if contrib-install is set * sort.py: 0644 -> 0755 * Update sort.py * Update pull_request_template.md * Remove checkboxes from PR-Template * Update sort.py * Add examples to sort.py * Update pull_request_template.md Fix path to sort.py, it depend on the distro. * Update pull_request_template.md * Update pull_request_template.md add hint about template
| * disable firetunnel at config time (#2793)Libravatar netblue302019-06-24
| |
* | simplify octal esc conversion, minor adjustmentsLibravatar smitsohu2019-06-26
|/
* run cppcheck in gitlab-ciLibravatar Reiner Herrmann2019-06-21
|
* enable additional cppchecks and fix a warningLibravatar Reiner Herrmann2019-06-21
|
* fix indentationLibravatar Reiner Herrmann2019-06-21
|
* extend gitlab-ci configuration to run Debian CI testsLibravatar Reiner Herrmann2019-06-21
|
* fail build if any step in the script failsLibravatar Reiner Herrmann2019-06-21
|
* add pkg-config build dependency to gitlab-ci configLibravatar Reiner Herrmann2019-06-21
|
* use pkg-config macro to locate apparmor and flagsLibravatar Reiner Herrmann2019-06-21
|
* use AX_CHECK_COMPILE_FLAG to check for spectre flagsLibravatar Reiner Herrmann2019-06-21
| | | | Fixes #2661
* import ax_check_compile_flag macro from autoconf-archiveLibravatar Reiner Herrmann2019-06-21
|
* reduce redundancy in pathsLibravatar Reiner Herrmann2019-06-21
|
* Arch Linux specific changes (#2788)Libravatar glitsj162019-06-20
| | | | | | | | | | | | * Arch Linux specific addition to gzip.profile * Arch Linux specifics for tar.profile * Arch Linux specifics for gzip.profile * Minor re-ordering and wording edits for makepkg.profile * Spacing fix for cower.profile
* Merge pull request #2771 from smitsohu/homedir2Libravatar netblue302019-06-20
|\ | | | | mount new proc filesystem earlier
| * avoid running without procfs describing the pid namespaceLibravatar smitsohu2019-06-14
| |
* | make syscalls.sh executableLibravatar rusty-snake2019-06-20
| |
* | Improve profile.templateLibravatar rusty-snake2019-06-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * uncomment .local includes * add options * ##ignore noexec /tmp * ##caps.keep CAPS * ##hostname NAME * ##writable-etc * ##writable-run-user * ##writable-var * ##writable-var-log * add disable x11 * x11 none * blacklist /tmp/.X11-unix * comment when which of the both option should be used * sort private-etc template Common * add comments * machine-id: breaks sound and sometime dbus related functions * private-bin: python should be added by 'python*' * protocol: auxiliary comment for protocol line * add 'packet' to protocol list * Sections structure: OPTIONS: now has seccomp* instead of seccomp
* | add 'x11 none' to more profiles with 'net none'Libravatar rusty-snake2019-06-20
| |
* | Fix typo in man firejail [--x11] (#2785)Libravatar glitsj162019-06-19
| |
* | Merge pull request #2781 from smitsohu/thunderbirdLibravatar smitsohu2019-06-18
|\ \ | | | | | | allow nodbus in thunderbird profile
| * | thunderbird profile: comment fixLibravatar smitsohu2019-06-16
| | |
| * | allow nodbus in thunderbird profileLibravatar smitsohu2019-06-16
| |/ | | | | in order to maintain enigmail support - #1951
* | use 'x11 none' optionLibravatar smitsohu2019-06-18
| | | | | | | | | | | | | | ... instead of just blacklisting the X11 socket. Systematically added to all profiles with 'net none' and 'blacklist /tmp/.X11-unix', and a few more
* | fix logical OR in disable_fileLibravatar smitsohu2019-06-18
| |
* | Update README.mdLibravatar rusty-snake2019-06-18
| | | | | | | | * add link to wiki * now link to contrib/syscalls (#2754)
* | Update CONTRIBUTING.mdLibravatar rusty-snake2019-06-18
| | | | | | Move "I found a security bug" back to the Opening issues section.
* | three new blacklist in disable-common.incLibravatar rusty-snake2019-06-18
| | | | | | | | | | | | * ~/.viminfo * ~/.lesshst * ~/.python_history
* | Fix filename in commentLibravatar Jean-Philippe Eisenbarth2019-06-17
| | | | | | Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
* | Fix spotify.profileLibravatar Jean-Philippe Eisenbarth2019-06-17
| |
* | Minor fixes for udiskieLibravatar glitsj162019-06-17
| | | | | | | | | | Nitpicks: - it's common practice to refer to the python executable(s) in private-bin with `python*`, which covers both v2 and v3; - now that @rusty-snake handed us all the needed tools to check/fix sorting multi-value options, put it to use.
* | Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-06-17
|\ \
| * \ Merge pull request #2775 from jose1711/udiskie-profileLibravatar rusty-snake2019-06-17
| |\ \ | | | | | | | | Add profile for udiskie
| | * | Apply suggestions from code reviewLibravatar Jose Riha2019-06-17
| | | | | | | | | | | | | | | | Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-08-12 20:26:36 +0000