| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
| |
pending further discussion
|
|
|
|
|
|
|
| |
see #1822 and #1825. also systematically replaces
'blacklist /run/user/*/bus' with 'nodbus'.
with contributions from @Fred-Barclay
|
| |
|
|
|
|
|
| |
- Adds noblacklist /etc/profile.d to many profiles like 2e17082ba4b3399bf5d68bb75587934ea028cc5c and 970f739e2be202a39ab82f589d5773267b903de6
- Disables mdwe to workaround #1803 like 970f739e2be202a39ab82f589d5773267b903de6
|
| |
|
|
|
|
| |
- This appears to be a general issue with private-lib, that might've already been fixed in master
|
|
|
|
| |
- Tor browser doesn't have nosound, so include pulse in private-etc
|
|
|
|
|
| |
systematically blacklist /run/user/*/bus in all profiles with
'net none'. targets distros like Fedora
|
|
|
|
|
|
|
| |
Note that on Arch at least, pluma starts without problems even
if the private-lib filter is empty, while gedit requires
`private-lib gedit`.
We can probably do something similar for xed.
|
| |
|
|
|
|
|
| |
This adds whitelist-var-common, machine-id, memory-deny-write-execute,
and noexec home and tmp when possible.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
There may actually be some other comments that were removed, but the bulk have been restored
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
- Added 'disable-devel.conf' to many profiles
- Added 'disable-mnt' to many profiles
- Added 'noexec' to many profiles
- Removed 'netfilter' and 'net none' from profiles with 'protocol unix'
- Cleaned up profiles using defaults
|
|
|
|
| |
GDK with the following error: Gdk-ERROR **: The program 'thunderbird' received an X Window System error
|
| |
|
| |
|
| |
|
| |
|
|
|