| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
pending further discussion
|
| |
|
|
|
|
|
| |
see #1822 and #1825. also systematically replaces
'blacklist /run/user/*/bus' with 'nodbus'.
with contributions from @Fred-Barclay
|
| |
|
|
|
| |
- Adds noblacklist /etc/profile.d to many profiles like 2e17082ba4b3399bf5d68bb75587934ea028cc5c and 970f739e2be202a39ab82f589d5773267b903de6
- Disables mdwe to workaround #1803 like 970f739e2be202a39ab82f589d5773267b903de6
|
| |
|
|
|
| |
systematically blacklist /run/user/*/bus in all profiles with
'net none'. targets distros like Fedora
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
- mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible
- mdwe also breaks most 3d accelerated programs such as 3d games
- mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference
-- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf
-- See https://github.com/nning/linux-pax-flags
|
| |
|
|
|
|
|
|
| |
- Added 'disable-devel.conf' to many profiles
- Added 'disable-mnt' to many profiles
- Added 'noexec' to many profiles
- Removed 'netfilter' and 'net none' from profiles with 'protocol unix'
- Cleaned up profiles using defaults
|
| |
|
|
|
| |
Hardened many profiles using disable-mnt and novideo
Fixed gnome-font-viewer
|
| |
|
|
| |
GDK with the following error: Gdk-ERROR **: The program 'thunderbird' received an X Window System error
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
smitsohu
Tad
netblue30
Fred-Barclay
valoq