aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
...
* | Merge pull request #1687 from floxo/masterLibravatar smitsohu2017-12-22
|\ \ | | | | | | Added environment variable QML_DISABLE_DISK_CACHE=1 to okular.profile.
| * | Added environment variable QML_DISABLE_DISK_CACHE=1 to okular.profile.Libravatar Flox2017-12-21
| |/ | | | | | | | | | | | | | | Without it, recent okular versions (here 17.12.0-1 on Arch Linux) crash with mprotect failed in ExecutableAllocator::makeExecutable: Permission denied due to the noexec constraints in the firejail profile.
* | Add iana-etc's services to private-etc in steam.profile, fixes #1688Libravatar Tad2017-12-22
| |
* | Merge pull request #1689 from gerasiov/masterLibravatar Fred Barclay2017-12-22
|\ \ | |/ |/| disable-common.inc: read-only access to ~/.ssh/authorized_keys
| * disable-common.inc: read-only access to ~/.ssh/authorized_keysLibravatar Alexander GQ Gerasiov2017-12-22
|/ | | | | | | | | | | | | | | disable-common.inc blacklists whole .ssh, but some profiles (e.g. idea.sh) unblacklists it to allow git over ssh with public key auth. But this creates security hole, since firejailed app could modify ~/.ssh/authorized_keys and allow arbitrary code execution on the host with sshd installed (e.g. ssh localhost and run any program) or even open backdoor for remote attacker. This commits disallows write access to ~/.ssh/authorized_keys even if .ssh was unblacklisted. Signed-off-by: Alexander GQ Gerasiov <gq@cs.msu.su>
* firemon fixesLibravatar netblue302017-12-18
|
* Add Figaro's Password Manager 2 to disable-passwdmgr.incLibravatar netblue302017-12-18
|
* Fix #1674Libravatar Tad2017-12-17
| | | | look into why this is breaking
* Profile fixesLibravatar Tad2017-12-17
|
* Merge pull request #1681 from gerasiov/masterLibravatar Fred Barclay2017-12-17
|\ | | | | Profiles updates
| * Add new path for TelegramDesktop files.Libravatar Alexander GQ Gerasiov2017-12-17
| | | | | | | | | | Latest versions of TelegramDesktop supports both old (~/.TelegramDesktop) and new (~/.local/share/TelegramDesktop) location of sensitive data files.
| * disable-common.inc: Blacklist .homesickLibravatar Alexander GQ Gerasiov2017-12-17
|/ | | | | homesick is dotfiles manager. It keeps dotfiles (e.g. .bashrc) in repository under ~/.homesick and puts symlinks into home directory.
* Fix #1680, same as #1437Libravatar Tad2017-12-16
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar startx20172017-12-14
|\
| * Merge pull request #1676 from maxice8/fix-muslLibravatar Reiner Herrmann2017-12-14
| |\ | | | | | | libtrace/libtrace.c: add missing limits.h include
| | * libtrace/libtrace.c: add missing limits.h includeLibravatar maxice82017-12-13
| |/ | | | | | | Fix build on Musl systems, tested on x86_64-musl Void Linux
* / redirect output messages to stderrLibravatar startx20172017-12-14
|/
* fix RELNOTESLibravatar netblue302017-12-12
|
* RELONTES for the new versionLibravatar netblue302017-12-12
|
* starting 0.9.53Libravatar netblue302017-12-12
|
* 0.9.52 testing0.9.52Libravatar netblue302017-12-12
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2017-12-11
|\
| * fix trash blacklist in caja profileLibravatar smitsohu2017-12-10
| |
* | fix qutebrowserLibravatar smitsohu2017-12-11
|/
* new fix for #1670Libravatar netblue302017-12-10
|
* fix (and harden) kmail - #1541Libravatar smitsohu2017-12-10
|
* remove mutt blacklist redundanciesLibravatar smitsohu2017-12-09
|
* improve fetchmail profile - #1661Libravatar smitsohu2017-12-09
|
* firecfg fix (#1670)Libravatar netblue302017-12-09
|
* fix typoLibravatar Reiner Herrmann2017-12-08
|
* typo fixLibravatar smitsohu2017-12-08
|
* sort whitelist-common.incLibravatar smitsohu2017-12-08
|
* pedantic comment fixLibravatar smitsohu2017-12-08
|
* fix sound in firefox started from thunderbirdLibravatar smitsohu2017-12-08
| | | | | and move disable-mnt from thunderbird to firefox profile, in alignment with recent commit from @Fred-Barclay
* 0.9.52 testingLibravatar netblue302017-12-07
|
* 0.9.52 testingLibravatar netblue302017-12-07
|
* more mergesLibravatar smitsohu2017-12-07
|
* mergesLibravatar smitsohu2017-12-07
|
* allow kcalc to read various settingsLibravatar smitsohu2017-12-07
|
* fix ktorrent kioLibravatar smitsohu2017-12-07
| | | minimal fix to get file dialog working when there is no kdeinit4 outside the sandbox (relevant e.g. for Debian up to Stretch)
* testingLibravatar netblue302017-12-06
|
* testingLibravatar netblue302017-12-06
|
* adding machine-id to a number of profilesLibravatar netblue302017-12-04
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar Fred-Barclay2017-12-02
|\
| * Merge pull request #1662 from netblue30/enable-mnt_browsersLibravatar Fred Barclay2017-11-30
| |\ | | | | | | Add disable-mnt to common browser profiles.
| | * Add disable-mnt to surf profileLibravatar Fred-Barclay2017-11-29
| | |
| | * (Re)add disable-mnt to common browser profiles.Libravatar Fred-Barclay2017-11-28
| | |
| * | Merge pull request #1664 from soredake/qtoxLibravatar SpotComms2017-11-29
| |\ \ | | |/ | |/| qtox needs libstdc++.so.6
| | * qtox needs libstdc++.so.6Libravatar soredake2017-11-29
| |/
* / Add machine-id to firefox filters, see b7828e463f868e66e1d5fc6fc48328b6437e0504Libravatar Fred-Barclay2017-12-02
|/
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-08-01 10:53:57 +0000