aboutsummaryrefslogtreecommitdiffstats
path: root/etc/disable-programs.inc
Commit message (Collapse)AuthorAge
* Merge pull request #1898 from flacks/profiles/clionLibravatar Vincent432018-04-21
|\ | | | | Add CLion profile
| * Add CLion profileLibravatar Jean Lucas2018-04-20
| |
* | allow python in some profilesLibravatar smitsohu2018-04-18
|/
* fix sqlitebrowser blacklistLibravatar glitsj162018-04-09
|
* fix basilisk and palemoon blacklistLibravatar smitsohu2018-04-07
|
* support older config dirLibravatar glitsj162018-04-05
|
* support modern mpd configLibravatar glitsj162018-04-04
|
* fix a0502dc5144185b6d346e92944e3359a833d2378, various enhancementsLibravatar smitsohu2018-04-04
|
* akonadi blacklist additionsLibravatar smitsohu2018-04-03
|
* redirect knotes to kmail, some tweaksLibravatar smitsohu2018-03-30
|
* various blacklist additionsLibravatar smitsohu2018-03-28
|
* rework akonadi integrationLibravatar smitsohu2018-03-26
| | | | | | | | | | | | | | | | | | | | | | | | | | the usr.sbin.mysqld-akonadi apparmor profile, enforced by default in ubuntu and debian testing (and probably opensuse), doesn't play well with a number of firejail options. the reason for this is that once the no_new_privs bit is set, apparmor profile transitions are forbidden. enforcing our own apparmor policy instead is also no solution, because these programs don't even start without d-bus. relaxing the kmail profile was necessary so that kmail can fire up akonadi itself, just in case akonadi has not been started earlier already by another program. this is always an issue when kmail is the only installed akonadi client, but there may be more circumstances. for reasons outlined above this doesn't help debian and ubuntu (opensuse?) users though :-/ a brief summary of the seccomp exceptions: chroot is needed for qt webengine, io_prioset for the akonadi indexing agent, io_getevents, io_submit, io_setup are needed for mysqld. when akonadi has an sqlite3 backend, less exceptions to the seccomp filter are necessary, but mysqld is the default. in the future all kontact suite profiles (itm only kmail, knotes) should probably be redirections to akonadi_control, but the issues with apparmor make this somewhat impractical for now (options like 'protocol' couldn't go to akonadi_control.local any more, if current kmail redirected to there).
* various profile hardeningLibravatar smitsohu2018-03-25
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2018-03-24
|\
| * gnome-recipes profileLibravatar glitsj162018-03-24
| |
* | add basic akonadi integrationLibravatar smitsohu2018-03-24
|/ | | | | as it is now, there is no support for a full akonadi session inside the knotes sandbox, but knotes can connect to akonadi and should work fine
* asunder profileLibravatar netblue302018-03-17
|
* Add falkon profile - see #1794Libravatar Fred-Barclay2018-03-05
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2018-03-05
|\
| * Add VS Code profile - see request in #1139Libravatar Fred-Barclay2018-03-03
| |
* | blacklist smartgit password file - #1796Libravatar smitsohu2018-03-05
|/
* Add a profile for Vivaldi SnapshotLibravatar Witold Baryluk2018-02-20
|
* update more application blacklistsLibravatar smitsohu2018-02-13
|
* update various application blacklistsLibravatar smitsohu2018-02-11
|
* Add tilp profileLibravatar Fred-Barclay2018-02-09
|
* blacklist klipperLibravatar smitsohu2018-02-02
| | | | further to 8aec7694cb4c7c0d07b333b689ab19faacb519f9
* KDE related enhancementsLibravatar smitsohu2018-02-01
|
* kaffeine profileLibravatar smitsohu2018-01-30
|
* harden KDELibravatar smitsohu2018-01-30
|
* Add a profile for Red EclipseLibravatar Tad2018-01-26
|
* Replace xmr-stak-cpu profile with unified xmr-stak profileLibravatar Tad2018-01-25
|
* Add a profile for Fritzing, and update READMELibravatar Tad2018-01-20
|
* Experimental - blacklist snap folder in user home.Libravatar Fred-Barclay2018-01-17
|
* Blacklist pycharm config filesLibravatar Fred-Barclay2018-01-17
|
* Add a profile for OnionShareLibravatar Tad2018-01-14
|
* Add a profile for PitiviLibravatar Tad2018-01-12
|
* Merge pull request #1701 from bn0785ac/masterLibravatar netblue302018-01-02
|\ | | | | tor flavours
| * Simplfy locale specific Tor Browser profilesLibravatar Tad2018-01-01
| |
* | Blacklist the Dash wallet directoryLibravatar Danil Semelenov2017-12-31
|/
* Merge pull request #1697 from sgtpep/patch-4Libravatar netblue302017-12-27
|\ | | | | Blacklist the monero wallets directory
| * Blacklist the monero wallets directoryLibravatar Danil Semelenov2017-12-27
| | | | | | ~/Monero/wallets is the default path suggested by the official wallet application, but it can be changed by user.
* | Blacklist ~/.ethereumLibravatar Danil Semelenov2017-12-27
|/
* Add new path for TelegramDesktop files.Libravatar Alexander GQ Gerasiov2017-12-17
| | | | | Latest versions of TelegramDesktop supports both old (~/.TelegramDesktop) and new (~/.local/share/TelegramDesktop) location of sensitive data files.
* fix qutebrowserLibravatar smitsohu2017-12-11
|
* remove mutt blacklist redundanciesLibravatar smitsohu2017-12-09
|
* Blacklist s3cmd and s3fs configsLibravatar Danil Semelenov2017-11-25
|
* extend qt5ct support - #1540Libravatar smitsohu2017-11-24
| | | | | configuration files should be available to all Qt apps. qt5ct is used e.g. by Manjaro for their theming.
* more profile improvementsLibravatar smitsohu2017-11-23
|
* some profile improvementsLibravatar smitsohu2017-11-19
|
* Blacklist the Electron Cash WalletLibravatar Danil Semelenov2017-11-14
|
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-20 01:25:14 +0000