| Commit message (Collapse) | Author | Age |
| |
|
| |
|
| |
|
|
|
| |
See https://github.com/netblue30/firejail/pull/3990#discussion_r576404417.
|
|
|
| |
Follow up for https://github.com/netblue30/firejail/pull/3988. We need to allow access to torbrowser-launcher executables installed under ${HOME}. Thanks @rusty-snake and @Vincent43 for motivational input.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
AppArmor introduces the @{run} variable, which is used in
<abstractions/dbus-strict> and <abstractions/dbus-session-strict> among
other places. Thus, we follow suit of the built-in profiles and #include
<tunables/global>, which includes <tunables/run> in AppArmor 3.0,
defining the variable.
As <tunables/global> exists in previous versions of AppArmor, too, this
patch does not introduce a backward-compatibility issue with Apparmor
2.x.
|
|
|
|
| |
/etc/apparmor.d/local/firejail.default - merge form 0.9.62.4
|
|
|
|
|
|
|
| |
* clarify writing to /var/mail and /var/spool/mail in apparmor
Thunderbird seems to be our only mail client profile that enables the `apparmor` option. Users need this when they follow instructions on how to allow reading local mail.
* fix mail clients rule in firejail-default
|
| |
|
| |
|
|
|