firejail - Mirror of https://github.com/netblue30/firejail

	Commit message (Collapse)	Author	Age
*	adding mincore syscall to the default seccomp filter and some independent ↵	netblue30	2019-01-14
\| \| \| \|	profiles
*	fix error message	smitsohu	2019-01-13
\| \| \| \| \|	as --appimage can be combined with chroot and overlay options, querying it first makes the error message more correct
*	fix parent death signal	smitsohu	2019-01-13
\| \| \| \| \| \|	turns out the parent death signal is reset every time the effective uid changes, hence moving the prctl call to the earliest place where the setting is persistent.
*	fix netfilter-default functionality in /etc/firejail/firejail.config	netblue30	2019-01-09
\|
*	test caps join	netblue30	2019-01-08
\|
*	testing seccomp/join	netblue30	2019-01-08
\|
*	fix join/seccomp #2296	netblue30	2019-01-08
\|
*	merges	netblue30	2019-01-07
\|
*	Merge pull request #2327 from NickMolloy/fix-addr-length	netblue30	2019-01-07
\|\ \| \| \| \|	Correctly set address length in arp frames
\| *	Correctly set address length in arp frames	Nicholas Molloy	2019-01-02
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Kernel commit 99137b7 introduced an additional check of the address length. This exposed a bug in the arp code where the address length was being set incorrectly. Now the length is set from the ETH_ALEN constant declared in linux/if_ether.h This fixes #2314
* \|	Merge pull request #2328 from glitsj16/ocenaudio	glitsj16	2019-01-04
\|\ \ \| \|/ \|/\|	Fix ocenaudio profile
\| *	Fix ocenaudio profile	glitsj16	2019-01-04
\|/
*	Add a profile for ghostwriter (#2319)	rusty-snake	2018-12-30
\| \| \| \| \|	* Add a profile for ghostwriter
*	Merge pull request #2313 from rusty-snake/patch-1	SkewedZeppelin	2018-12-27
\|\ \| \| \| \|	Fix gajim.profile
\| *	Update gajim.profile	rusty-snake	2018-12-27
\| \|
\| *	Merge branch 'patch-1' of github.com:rusty-snake/firejail into patch-1	rusty-snake	2018-12-27
\| \|\
\| \| *	Some additional hardening	rusty-snake	2018-12-27
\| \| \|
\| * \|	Some additional hardening for gajim	rusty-snake	2018-12-27
\| \|/
\| *	Add profile alias for gajim-history-manager	rusty-snake	2018-12-27
\| \|
\| *	Fix Gajim.profile	rusty-snake	2018-12-26
\| \|
\| *	Fix gajim.profile	rusty-snake	2018-12-23
\| \|
* \|	Remove network access from cherrytree.profile	tinmanx	2018-12-25
\| \|
* \|	Bah humbug! Backporting fixes for the new Brave browser to 0.9.56.	Fred-Barclay	2018-12-25
\|/ \| \| \|	Merry Christmas to all!
*	Merges	Tad	2018-12-22
\|
*	Merge pull request #2308 from rusty-snake/patch-2	SkewedZeppelin	2018-12-23
\|\ \| \| \| \|	Update disable-common.inc, disable-programs.inc.
\| *	updates for ~/.cargo	rusty-snake	2018-12-21
\| \|
\| *	adaptations in bibletime.profile and rhythmbox.profile	rusty-snake	2018-12-20
\| \|
\| *	Update disable-common.inc, disable-programs.inc	rusty-snake	2018-12-20
\|/
*	README/RELNOTES update	netblue30	2018-12-18
\|
*	README/RELNOTES update	netblue30	2018-12-18
\|
*	join: also check proc file to detect nonewprivs bit	smitsohu	2018-12-17
\| \| \| \| \|	redundant check that adds defense in depth and maybe one day can replace the other, file based check
*	Merge pull request #2297 from smitsohu/patch	startx2017	2018-12-17
\|\ \| \| \| \|	enforce nonewprivs instead of seccomp for chroot sandboxes
\| *	enforce nonewprivs instead of seccomp for chroot sandboxes	smitsohu	2018-12-15
\| \| \| \| \| \| \| \| \| \|	currently users are able to specify a seccomp filter of their choosing, leaving the real defense to nonewprivs anyway.
* \|	New profile for supertuxkart. (#2298)	rusty-snake	2018-12-16
\| \| \| \| \| \| \| \| \| \| \| \|	* New profile supertuxkart * review fixes
* \|	Merge pull request #2299 from glitsj16/man	glitsj16	2018-12-16
\|\ \ \| \| \| \| \| \|	fix netstats typo in man firejail
\| * \|	fix netstats typo in man firejail	glitsj16	2018-12-16
\|/ /
* /	Fix bibletime.profile (#2295)	rusty-snake	2018-12-15
\|/ \| \| \| \| \| \| \|	* Fix bibletime.profile Fix: bibletime don't starts on Fedora and Arch Use `seccomp.drop` from firefox.
*	join: check prctl return value	smitsohu	2018-12-14
\|
*	add explicit nonewprivs support to join option; accompanying small improvements	smitsohu	2018-12-14
\|
*	firecfg: improve error string	smitsohu	2018-12-13
\| \| \| \|	emphasize that only firecfg needs all permissions, not firejail
*	pulseaudio: use create_dir_as_user(); small adjustments	smitsohu	2018-12-13
\|
*	Merge pull request #2293 from smitsohu/smitsohu-patch-libreoffice	smitsohu	2018-12-13
\|\ \| \| \| \|	enable apparmor in libreoffice profile
\| *	enable apparmor in libreoffice profile	smitsohu	2018-12-09
\| \| \| \| \| \| \| \|	depends on aa37fe19fed6be8e44db461691149237ee71da94
* \|	Revert "pulseaudio: use env variable fallback in more cases"	smitsohu	2018-12-13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This reverts commit 93779cb9cd0d098cd3587e2f795200d98e3af1ee. That commit removed restrictions, but also added new inconsistencies. Starting again from the previous state is easier than evolving the current state, hence reverting the commit.
* \|	pulseaudio: use env variable fallback in more cases	smitsohu	2018-12-11
\| \| \| \| \| \| \| \| \| \| \| \|	setting the PULSE_CLIENTCONFIG environment variable to the unmounted file is a safe fallback, use it in more cases when mounting is considered not an option
* \|	add create_empty_dir_as_user function, refactor	smitsohu	2018-12-11
\| \|
* \|	xorg: check if Xauthority mount point was created	smitsohu	2018-12-11
\| \| \| \| \| \| \| \|	and print more meaningful error message
* \|	profile enhancements: blacklist kdesu daemon socket, rework ↵	smitsohu	2018-12-11
\| \| \| \| \| \| \| \|	c083a7b737050c532977b46fac6400f1dbc24ff6
* \|	Merge pull request #2294 from rusty-snake/add-thunderbird-wayland	SkewedZeppelin	2018-12-10
\|\ \ \| \| \| \| \| \|	Add a profile for thunderbird-wayland
\| * \|	Add a profile for thunderbird-wayland	rusty-snake	2018-12-10
\|/ /