aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* Add note about seccomp to steam #2860Libravatar rusty-snake2019-10-13
|
* chroot error message typoLibravatar smitsohu2019-10-13
|
* postpone procfs mount until after chroot callLibravatar smitsohu2019-10-13
| | | | issue #2301
* fix chroot with mounted resolv.confLibravatar smitsohu2019-10-13
|
* x11 hardeningLibravatar smitsohu2019-10-13
|
* shorten fedora firefox private-binLibravatar rusty-snake2019-10-12
| | | | | Possible `false,pidof,rmdir,true` can also be removed. unsure. [skip ci]
* kalgebra.profile, kalgebramobile.profileLibravatar rusty-snake2019-10-12
|
* x11 xorg: blacklist non-default Xauthority fileLibravatar smitsohu2019-10-08
| | | fixes #1652
* add x11 xorg option to HAS_X11 conditional - #2205Libravatar smitsohu2019-10-08
|
* add HAS_X11 conditional, disconnect session manager - #2205Libravatar smitsohu2019-10-08
|
* little tweaksLibravatar smitsohu2019-10-08
|
* Fix wusc for gearyLibravatar glitsj162019-10-07
| | | The included firefox.profile has wusc now. We need to whitelist /usr/share/geary to avoid breakage.
* Move wusc into eo-common.profileLibravatar glitsj162019-10-07
|
* Move wusc into eo-common.profileLibravatar glitsj162019-10-07
|
* Move wusc into eo-common.profileLibravatar glitsj162019-10-07
|
* various profile fixesLibravatar rusty-snake2019-10-06
|
* Fix wusc in thunderbirdLibravatar glitsj162019-10-06
|
* Wusc fixes (#2992)Libravatar glitsj162019-10-06
| | | | | | | | | | | | * Add wusc to eom * Fix wusc in firefox Without access to /usr/share/ca-certificates all HTTPS traffic gets the FF dialog 'Warning: Potential Security Risk Ahead'. Probably needed in thunderbird profile too (untested). * Fix wusc ordering in meld Just an alphabetical ordering nitpick.
* whitelist-usr-share-common.inc (#2972)Libravatar rusty-snake2019-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Work on whitelist-usr-share-common * sorting; add Modules + QT/KDE stuff * add wusc.inc to more profiles [needs testing] * update * gitg, firefox, evince * /usr/share/{p11-kit,pixmaps,pki,qt5,tcl8.6,terminfo} * more profiles * remove wusc.inc from feedreader Even with 'whitelist /usr/share/*', feedreader trys to dereference a NULL pointer. * more profiles * whitelist /usr/share breaks wget even with whitelist /usr/share/* * extend wusc.inc * update * Add alsa,crypto-policies and zoneinfo * readd wusc.inc to wget and feedreader * update * testing results: Debian Buster with KDE * more KDE stuff * fix tb
* remove trailing slashesLibravatar rusty-snake2019-10-05
|
* Update firefox-common-addons.incLibravatar rusty-snake2019-10-05
|
* Merge pull request #2982 from smitsohu/chrootLibravatar netblue302019-10-04
|\ | | | | Move chroot entirely from path based to file descriptor based mounts
| * improve enforce_filters warningLibravatar smitsohu2019-10-01
| | | | | | added an additional newline in order to keep it visually separate from other unrelated error messages
| * simplify chroot option parsingLibravatar smitsohu2019-10-01
| | | | | | | | this is a partial revert, back to the original code
| * base checks and mounts on same file descriptorLibravatar smitsohu2019-10-01
| |
| * improve variable namesLibravatar smitsohu2019-09-29
| |
| * chroot moduleLibravatar smitsohu2019-09-29
| |
| * move chroot from path based to file descriptor based mountsLibravatar smitsohu2019-09-29
| |
* | fix the fixLibravatar smitsohu2019-10-04
| | | | | | | | | | | | cf. previous commit 34e5ad65b238b698c55e4921c9ac9294e6548cc7 line buffered output is what we really want
* | alphabetize man page entriesLibravatar smitsohu2019-10-04
| |
* | fix concurrent writing to trace fileLibravatar smitsohu2019-10-04
| |
* | break out of libtrace file open loopLibravatar smitsohu2019-10-04
| |
* | add private-tmp to unbound profileLibravatar smitsohu2019-10-01
| |
* | commented out some debug code in libtraceLibravatar netblue302019-09-29
| |
* | increase socket buffer size for firemon, bug #2700Libravatar netblue302019-09-29
|/
* Update evinceLibravatar rusty-snake2019-09-28
| | | | | | | private-lib: - Add note about possible two-page-view breaktage - add libgraphite2.so.* remove mdwe
* fixup! add missing blacklist pathsLibravatar rusty-snake2019-09-28
|
* Fix sorting (caught by GitLab CI tests)Libravatar Fred Barclay2019-09-28
|
* fix ffprobeLibravatar rusty-snake2019-09-28
| | | | | | | | | | | $ firejail ffprobe VIDEO execvp: No such file or directory $ firejail --noprofile --private-bin=ffprobe ffprobe VIDEO execvp: No such file or directory $ firejail --ignore=private-bin ffprobe VIDEO Works ffprobe is the only file in PATH that is touched (see --build).
* add missing blacklist pathsLibravatar rusty-snake2019-09-28
|
* KeePassXC: Added a warning regarding tray iconLibravatar Timo Hardebusch2019-09-28
|
* profiles: fix audio playback with ffplayLibravatar Reiner Herrmann2019-09-28
| | | | https://bugs.debian.org/941241
* testingLibravatar smitsohu2019-09-26
|
* testing: rename and simplifyLibravatar smitsohu2019-09-26
| | | | cf. previous commits 5bb476f74efb4754b6f5f8d711c6b77898ef9385 and 4b1a6094d7f4d9c25ff4f0f9a31bcd83732910a1
* testingLibravatar smitsohu2019-09-25
|
* testing suite fixes: remove shell localizationLibravatar smitsohu2019-09-24
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-09-24
|\
| * protect files that can execute commandsLibravatar rusty-snake2019-09-22
| |
* | testingLibravatar smitsohu2019-09-24
|/
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-09-22
|\
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-12 04:32:54 +0000