Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
| * | | Rename QMediathekView to QMediathekView.profile | glitsj16 | 2018-10-11 | |
| | | | ||||
| * | | Update firecfg.config | glitsj16 | 2018-10-11 | |
| | | | ||||
| * | | Update disable-programs.inc | glitsj16 | 2018-10-11 | |
| | | | ||||
| * | | Create QMediathekView | glitsj16 | 2018-10-11 | |
| |/ | ||||
* | | Merge pull request #2161 from glitsj16/file | netblue30 | 2018-10-11 | |
|\ \ | | | | | | | Fix file.profile | |||
| * | | Harden file.profile | glitsj16 | 2018-10-11 | |
| | | | ||||
| * | | Fix file.profile | glitsj16 | 2018-10-11 | |
| |/ | ||||
* | | Merge branch 'master' of http://github.com/netblue30/firejail | netblue30 | 2018-10-11 | |
|\ \ | ||||
| * \ | Merge pull request #2159 from smitsohu/master | netblue30 | 2018-10-11 | |
| |\ \ | | |/ | |/| | allow overriding of disable-mnt with noblacklist | |||
| | * | allow overriding of disable-mnt with noblacklist - #2154 | smitsohu | 2018-10-11 | |
| |/ | ||||
* / | 0.9.56.1 - bugfix release | netblue30 | 2018-10-11 | |
|/ | ||||
* | merges | netblue30 | 2018-10-08 | |
| | ||||
* | Write-protection for thumbnailer dir see #2143 (#2144) | curiosity-seeker | 2018-10-07 | |
| | ||||
* | clean /run/user directory | smitsohu | 2018-10-07 | |
| | ||||
* | Merge pull request #2141 from crass/fix-appimage-hdr-calc | netblue30 | 2018-10-06 | |
|\ | | | | | Update appimage size calculation to newest code from libappimage. | |||
| * | Update appimage size calculation to newest code from libappimage. | Glenn Washburn | 2018-10-05 | |
| | | ||||
* | | Merge pull request #2138 from crass/fix-fj-proc-detect | netblue30 | 2018-10-06 | |
|\ \ | | | | | | | Fix incorrect --list and --tree output under certain circumstances | |||
| * | | Firejail should look for processes with names exactly named "firejail" to ↵ | Glenn Washburn | 2018-10-05 | |
| |/ | | | | | | | avoid accounting for processes with a "firejail" prefix. | |||
* | | merges | netblue30 | 2018-10-04 | |
| | | ||||
* | | Merge pull request #2130 from crass/fix-2045 | netblue30 | 2018-10-04 | |
|\ \ | | | | | | | FIX-2045: Fix command name parsing for program paths with spaces. | |||
| * | | Fix command name parsing so that program paths with spaces do not cause the ↵ | Glenn Washburn | 2018-10-01 | |
| |/ | | | | | | | wrong or no profile to be detected. | |||
* | | Fixes #2048 | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-10-03 | |
| | | ||||
* | | configure.ac: set sysconfdir only if none was specified manually | Reiner Herrmann | 2018-10-03 | |
| | | | | | | | | Fixes #2125 | |||
* | | Fixes #2048 | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-10-03 | |
| | | ||||
* | | AppArmor: Allow writing to removable media | Vincent43 | 2018-10-02 | |
| | | ||||
* | | Merges | Tad | 2018-10-02 | |
| | | ||||
* | | Merge pull request #2131 from veloute/discordfix | SkewedZeppelin | 2018-10-02 | |
|\ \ | | | | | | | fixed discord not able to check for updates | |||
| * | | fixed discord not able to check for updates | veloute | 2018-10-02 | |
| |/ | ||||
* / | incomplete fix: whitelisting of symlinks to other home dirs | smitsohu | 2018-10-02 | |
|/ | | | | | | | | | belongs to previous commit 51eeef2059f00de117472046601e10a9fd958d51 short summary of the new behavior, which should catch a few corner cases better: - a non-existant file in another homedir (say homedirs are "/foo/user" and "/foo/user2") is silently ignored (previously a tmpfs was mounted on the users homedir, which was wrong) - a symlink pointing to an existing file in another homedir now works (but the link will be always dangling; you need --allusers to see this) - a symlink pointing back to the entire homedir now works as expected | |||
* | mount empty home if macro can't be whitelisted | smitsohu | 2018-10-01 | |
| | ||||
* | tests: skip audit.exp if tests are already running in a pid namespace | Reiner Herrmann | 2018-10-01 | |
| | ||||
* | fs_whitelist: reduce number of loop iterations | smitsohu | 2018-10-01 | |
| | ||||
* | tiny memleaks | smitsohu | 2018-10-01 | |
| | ||||
* | regression: fix whitelisting of symlinks to other home dirs, small improvements | smitsohu | 2018-10-01 | |
| | | | | | | | | handling of home dir paths is more explicit and rigorous now, which should make it easier to audit. Also this should come handy if one day fs_private() supports home directories outside /home rf. #2123 | |||
* | cleanup | smitsohu | 2018-09-30 | |
| | ||||
* | Merge pull request #2127 from veloute/vimfix | Fred Barclay | 2018-09-29 | |
|\ | | | | | fixed vim missing from firecfg.config | |||
| * | fixed vim missing from firecfg.config | veloute | 2018-09-30 | |
| | | ||||
* | | Use list for checking multiple possible values | Fred-Barclay | 2018-09-28 | |
| | | ||||
* | | fixed fs-print test | startx2017 | 2018-09-28 | |
|/ | ||||
* | manpage cleanup | netblue30 | 2018-09-26 | |
| | ||||
* | Fixes #2122 | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-09-25 | |
| | ||||
* | manpages: fix apparmor profile path | Vincent43 | 2018-09-22 | |
| | ||||
* | manpages: fix alignment | Vincent43 | 2018-09-22 | |
| | ||||
* | manpages: update AppArmor info | Vincent43 | 2018-09-22 | |
| | ||||
* | Add profile for spectre-meltdown-checker | Tad | 2018-09-22 | |
| | | | | Will need to support allow-debuggers in profiles before it can be enabled in firecfg | |||
* | tests: skip more tests if capabilities/seccomp of host differs | Reiner Herrmann | 2018-09-21 | |
| | ||||
* | tests: skip tests checking for /dev/kmsg which might not be available | Reiner Herrmann | 2018-09-21 | |
| | ||||
* | Fix check for nobody user | Reiner Herrmann | 2018-09-21 | |
| | | | | Fixes #2117 | |||
* | --version 0.9.57 | netblue30 | 2018-09-19 | |
| | ||||
* | Misc profile hardening | Tad | 2018-09-19 | |
| |