Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | removing private-lib from evince, issue #1711 | netblue30 | 2018-03-14 |
| | |||
* | (Temporarily?) fix private-lib for evince. See #1711"e | Fred-Barclay | 2018-03-12 |
| | |||
* | bringing back private-lib in evince, and some fixes for Arch Linux | netblue30 | 2018-03-12 |
| | |||
* | Disable memory-deny-write-execute in evince profile | Vincent43 | 2018-03-07 |
| | | | It started breaking application in Archlinux, see https://github.com/netblue30/firejail/issues/1803 | ||
* | temporarely removed private-lib, GnomeShell problems: #1711 | netblue30 | 2018-01-18 |
| | |||
* | adding machine-id to a number of profiles | netblue30 | 2017-12-04 |
| | |||
* | Consistent home directory nomenclature | Fred-Barclay | 2017-11-17 |
| | |||
* | fix and harden various profiles | smitsohu | 2017-10-29 |
| | |||
* | disable non-abstract session bus address | smitsohu | 2017-10-22 |
| | | | | | systematically blacklist /run/user/*/bus in all profiles with 'net none'. targets distros like Fedora | ||
* | private-lib developments | netblue30 | 2017-10-09 |
| | |||
* | private-lib developments | netblue30 | 2017-10-09 |
| | |||
* | various profile enhancements | smitsohu | 2017-09-25 |
| | | | | | | | * okular needs kdeinit4 for open file dialog since recently * memory-deny-write-execute should be a safe addition for desktop use of dnscrypt and unbound * cleanup works | ||
* | merge #1565 | netblue30 | 2017-09-22 |
| | |||
* | Fixup merge of #1565 | Tad | 2017-09-22 |
| | |||
* | 1 LIST | Your Name | 2017-09-19 |
| | |||
* | whitelist /var - Xubuntu fixes | netblue30 | 2017-09-17 |
| | |||
* | Fix nodvd placement | Tad | 2017-08-13 |
| | |||
* | added nodvd to most profiles | netblue30 | 2017-08-13 |
| | |||
* | Fix notv placement | Tad | 2017-08-11 |
| | |||
* | added notv to most profiles | netblue30 | 2017-08-11 |
| | |||
* | Fix comments in 88 profiles | Tad | 2017-08-07 |
| | | | | There may actually be some other comments that were removed, but the bulk have been restored | ||
* | Unify all profiles | Tad | 2017-08-07 |
| | |||
* | Add back net none/netfilter as needed | Fred-Barclay | 2017-08-02 |
| | |||
* | Initial adding of memory-deny-write-execute to profiles | Tad | 2017-08-02 |
| | | | | | | | | - mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible - mdwe also breaks most 3d accelerated programs such as 3d games - mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference -- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf -- See https://github.com/nning/linux-pax-flags | ||
* | Harden profiles | Tad | 2017-08-02 |
| | | | | | | | | - Added 'disable-devel.conf' to many profiles - Added 'disable-mnt' to many profiles - Added 'noexec' to many profiles - Removed 'netfilter' and 'net none' from profiles with 'protocol unix' - Cleaned up profiles using defaults | ||
* | test: add novideo to profiles (part 1) | Fred Barclay | 2017-06-15 |
| | |||
* | commented out ipc-namespace in most profiles - it breaks newer versions of ↵ | netblue30 | 2017-05-25 |
| | | | | GDK with the following error: Gdk-ERROR **: The program 'thunderbird' received an X Window System error | ||
* | added /etc/firejail/globals.local for global customizations | netblue30 | 2017-05-23 |
| | |||
* | Harden more profiles | Tad | 2017-04-17 |
| | |||
* | Harden 19 more profiles | Tad | 2017-04-15 |
| | |||
* | persistent support for all profile files | netblue30 | 2017-02-09 |
| | |||
* | blacklisted various program files | valoq | 2016-12-01 |
| | |||
* | reversed incorrect changes | valoq | 2016-11-19 |
| | |||
* | profile fixes | netblue30 | 2016-11-05 |
| | |||
* | private-tmp changes | valoq | 2016-11-03 |
| | |||
* | Allow evince to access /tmp | Dara Adib | 2016-10-09 |
| | | | | | firefox will save files under /tmp/mozilla_* and try to open them with evince when evince is the default PDF reader. | ||
* | Added tracelog | Fred-Barclay | 2016-09-25 |
| | |||
* | If you give a mouse a cookie... | Fred-Barclay | 2016-07-09 |
| | |||
* | profile update | netblue30 | 2016-06-23 |
| | |||
* | private-bin conversion | netblue30 | 2016-06-10 |
| | |||
* | private-bin conversion | netblue30 | 2016-06-10 |
| | |||
* | merged Various #542 pull request from Fred-Barclay | netblue30 | 2016-05-31 |
| | |||
* | profiles: Add nonewprivs where sensible | The Fox in the Shell | 2016-05-25 |
| | |||
* | delete blacklist wine from profiles | avoidr | 2016-04-12 |
| | |||
* | introducing disable-passwdmgr.inc | netblue30 | 2016-03-28 |
| | |||
* | consolidated disable-terminals into disable-common | netblue30 | 2016-03-27 |
| | |||
* | consolidating disable-mgmt and disable-sercret into disable-common | netblue30 | 2016-03-26 |
| | |||
* | profile work | netblue30 | 2016-03-26 |
| | |||
* | profile update | netblue30 | 2016-03-12 |
| | |||
* | split out terminal blacklisting in disable-terminals.inc | netblue30 | 2016-02-12 |
| |