Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
| * | refactor test targets and let build fail on test errors | Reiner Herrmann | 2020-10-24 | |
| | | ||||
* | | merges | netblue30 | 2020-10-25 | |
| | | ||||
* | | Merge pull request #3676 from rusty-snake/tmpfs-inside-home | netblue30 | 2020-10-25 | |
|\ \ | | | | | | | Allow --tmpfs and --bind inside $HOME for unprivileged users | |||
| * | | Likewise allow --bind inside $HOME for users | rusty-snake | 2020-10-23 | |
| | | | ||||
| * | | Allow --tmpfs inside $HOME for unprivileged users | rusty-snake | 2020-10-23 | |
| | | | | | | | | | | | | | | | | | | | | | --tmpfs was added in 0.9.14 and restricted to root only in 0.9.38 due to priv-esc CVE-2016-10117 (e.g. --tmpfs=/etc and modify /etc/sudoers). This commit reintroduce it for normal users, if the realpath of it is inside users-home. | |||
* | | | Merge pull request #3607 from kortewegdevries/wemail | netblue30 | 2020-10-25 | |
|\ \ \ | | | | | | | | | Switch mails to whitelisting | |||
| * | | | Add note about private-bin | kortewegdevries | 2020-09-03 | |
| | | | | ||||
| * | | | Add firefox support | kortewegdevries | 2020-08-29 | |
| | | | | ||||
| * | | | Switch kmail to whitelisting | kortewegdevries | 2020-08-29 | |
| | | | | ||||
| * | | | GPG default, fixes... | kortewegdevries | 2020-08-28 | |
| | | | | ||||
| * | | | Switch Evolution to whitelisting | kortewegdevries | 2020-08-28 | |
| | | | | ||||
* | | | | check that profiles are sorted | Reiner Herrmann | 2020-10-24 | |
| |_|/ |/| | | ||||
* | | | bump version to new development version 0.9.65 | Reiner Herrmann | 2020-10-24 | |
| | | | ||||
* | | | harden peek; update README.md; add gnome-sound-… | rusty-snake | 2020-10-23 | |
| | | | | | | | | | | | | …recorder to firecfg.config | |||
* | | | Merge pull request #3683 from jmetrius/vlc-aacs-fix | rusty-snake | 2020-10-23 | |
|\ \ \ | |_|/ |/| | | Fix blu-ray playback with libaacs | |||
| * | | Fix vlc blu-ray playback with libaacs | Jan Sonntag | 2020-10-20 | |
| | | | ||||
* | | | 0.9.64 testing0.9.64 | netblue30 | 2020-10-21 | |
| | | | ||||
* | | | 0.9.64 testing | netblue30 | 2020-10-21 | |
| | | | ||||
* | | | Update bug_report.md | rusty-snake | 2020-10-20 | |
|/ / | | | | | Stop "mentioned"-notes in 1139. | |||
* | | Merge pull request #3679 from Bundy01/master | rusty-snake | 2020-10-19 | |
|\ \ | | | | | | | Update virtualbox.profile | |||
| * | | Update virtualbox.profile | Bundy01 | 2020-10-19 | |
|/ / | ||||
* | | fix #3478 | netblue30 | 2020-10-19 | |
| | | ||||
* | | fix manpage wanings (#3563) | netblue30 | 2020-10-19 | |
| | | ||||
* | | readme update | netblue30 | 2020-10-17 | |
| | | ||||
* | | Merge pull request #3674 from topimiettinen/rmenv-apply-early | netblue30 | 2020-10-17 | |
|\ \ | | | | | | | Apply --rmenv immediately to help to avoid the env var length check | |||
| * | | Apply --rmenv immediately to help to avoid the env var length check | Topi Miettinen | 2020-10-16 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove environment variables with --rmenv immediately. This fixes removing long environment variables (LS_COLORS generated by vivid), previously the length filter would trip before the command was processed. This changes user visible behavior slightly, for example --rmenv=LANG now applies also to Firejail, while earlier it would only apply to sandboxed program. Partially fixes #3673, but not handling `rmenv` in profiles. Also suggest --rmenv when there are problems with enviroment variables. Signed-off-by: Topi Miettinen <toiwoton@gmail.com> | |||
* | | | Merge pull request #3675 from hlein/fix-carriageret | netblue30 | 2020-10-17 | |
|\ \ \ | | | | | | | | | Strip out \r's. | |||
| * | | | Strip out \r's. | Hank Leininger | 2020-10-15 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | As is, this will not execute because env attempts to locate the executable 'python\r', which does not exist. Signed-off-by: Hank Leininger <hlein@korelogic.com> | |||
* | | | | update firefox fedora private-bin [skip ci] | rusty-snake | 2020-10-16 | |
| | | | | ||||
* | | | | flameshot has changed it's APP-ID | rusty-snake | 2020-10-16 | |
|/ / / | | | | | | | | | | closes #3643 | |||
* | | | Formatting for better PEP-8 compliance | Fred Barclay | 2020-10-15 | |
| | | | | | | | | | | | | Will do a more in-depth review later, these are just style improvements | |||
* | | | Block VS Code preferences from being committed | Fred Barclay | 2020-10-15 | |
|/ / | ||||
* | | Merge pull request #3672 from hlein/fix-py-shebang | Reiner Herrmann | 2020-10-15 | |
|\ \ | | | | | | | Updated fix_private-bin.py shebang to use env python3 like other contrib/*.py scripts | |||
| * | | Updated shebang to use env python3 like other contrib/*.py scripts | Hank Leininger | 2020-10-14 | |
|/ / | | | | | | | | | | | This will simplify some distro packagings of firejail. Signed-off-by: Hank Leininger <hlein@korelogic.com> | |||
* | | Merge pull request #3670 from netblue30/scan_build | Reiner Herrmann | 2020-10-14 | |
|\ \ | ||||
| * | | Remove unused variables | Reiner Herrmann | 2020-10-14 | |
| | | | | | | | | | | | | | | | Fixes clang-analyzer warnings: "Although the value stored to 'xxxxx' is used in the enclosing expression, the value is never actually read from 'xxxxx'" | |||
| * | | build: enable CI build with scan-build | Reiner Herrmann | 2020-10-14 | |
|/ / | ||||
* | | Merge pull request #3667 from Neo00001/patch-2 | rusty-snake | 2020-10-13 | |
|\ \ | | | | | | | Update wire-desktop.profile (again) | |||
| * | | Update wire-desktop.profile | Neo00001 | 2020-10-13 | |
| | | | ||||
| * | | Update wire-desktop.profile (again) | Neo00001 | 2020-10-13 | |
| | | | | | | | | | On arch,wire-desktop is now depending on electron9. Using wildcard for this sorta packages would be better. | |||
* | | | README | netblue30 | 2020-10-13 | |
| | | | ||||
* | | | merges, fix for #3662 etc. | netblue30 | 2020-10-13 | |
| | | | ||||
* | | | Merge pull request #3664 from dpellegr/master | netblue30 | 2020-10-13 | |
|\ \ \ | |/ / |/| | | Allowing links in netns | |||
| * | | allowing links in netns | dpellegr | 2020-10-12 | |
|/ / | ||||
* | | man: call preproc.awk via Makefile, as the shebang hardcodes the path | Reiner Herrmann | 2020-10-10 | |
| | | ||||
* | | build: check for presence of gawk when manpages will be built | Reiner Herrmann | 2020-10-10 | |
| | | | | | | | | Fixes: #3661 | |||
* | | Merge pull request #3660 from kris7t/apparmor-run | Kristóf Marussy | 2020-10-10 | |
|\ \ | | | | | | | Fix AppArmor 3.0 support (closes #3659) | |||
| * | | Fix AppArmor 3.0 support (closes #3659) | Kristóf Marussy | 2020-10-10 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | AppArmor introduces the @{run} variable, which is used in <abstractions/dbus-strict> and <abstractions/dbus-session-strict> among other places. Thus, we follow suit of the built-in profiles and #include <tunables/global>, which includes <tunables/run> in AppArmor 3.0, defining the variable. As <tunables/global> exists in previous versions of AppArmor, too, this patch does not introduce a backward-compatibility issue with Apparmor 2.x. | |||
* | | | Merge pull request #3653 from briaeros/master | Fred Barclay | 2020-10-10 | |
|\ \ \ | |/ / |/| | | fix command test in jail_prober.py | |||
| * | | jail_prober : first pass without any argument | alpha | 2020-10-09 | |
| | | |