| Commit message (Collapse) | Author | Age |
... | |
|
|
| |
https://store.steampowered.com/app/219150/Hotline_Miami/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is used for storing AppImages.
Note that even when blacklisting a directory, it is possible to execute
an AppImage from it. For example, the following works:
firejail --noprofile --blacklist='${HOME}/Applications' --appimage \
~/Applications/foo.AppImage
While the resulting process does not appear to have access to the
blacklisted directory.
|
|
|
|
|
|
|
| |
* ocenaudio: blacklist cache dir
* ocenaudio: hardenings
* ocenaudio: fix protocol comment
|
|
|
|
|
| |
This amends commit af8f681c0 ("steam.profile: allow "${HOME}/.prey"",
2022-03-11) / PR #5029.
|
|\ |
|
| | |
|
|/
|
|
|
|
| |
as suggested by @rusty-snake
in addition blacklist/noblacklist/whitelist songrec application files
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add opera-developer to firecfg
* add opera-developer
* fix typo
* add configs for opera-developer
* Create opera-developer.profile
* fixes for opera-developer
* fix for opera-developer
|
| |
|
|\
| |
| | |
steam.profile: allow ~/.config/MangoHud
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Add neovim profile
|
| | | |
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Seafile
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
{lutris,wine}.profile: allow ~/.cache/wine
|
| | |_|/
| |/| | |
|
|\ \ \ \
| | | | |
| | | | | |
Blacklist rclone, 1Password, Ledger Live and cointop
|
| |/ / / |
|
|\ \ \ \
| | | | |
| | | | | |
add a profile for cointop
|
| |/ / / |
|
| | | | |
|
|/ / / |
|
| | | |
|
| | | |
|
| |/
|/| |
|
|/ |
|
| |
|
|\
| |
| | |
yt-dlp: add missing paths & mpv.profile: whitelist paths for yt-dlp
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This amends commit d6ca41c19 ("update mpv.profile", 2021-10-24) /
PR #4634.
These paths were taken from yt-dlp(1). They are used since yt-dlp
commit e2e43aea2 ("Portable Configuration file (closes #19)",
2021-01-16)[1].
Environment: yt-dlp 2021.12.01-1 on Artix Linux.
Relates to: https://github.com/yt-dlp/yt-dlp/issues/19
[1] https://github.com/yt-dlp/yt-dlp/commit/e2e43aea2159a235e151f56bd14383129a6b4355
|
|/ |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
Fix vscodium
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It creates the following directories on startup:
* ~/.config/VSCodium
* ~/.vscode-oss
Environment:
$ grep '^NAME' /etc/os-release
NAME="Artix Linux"
$ pacman -Q vscodium-bin
vscodium-bin 1.60.2-2
Note: The following entry is already on disable-programs.inc:
noblacklist ${HOME}/.vscode-oss
It was added on commit de90834a8 ("Update disable-programs.inc",
2019-03-02).
Relates to #3871.
|
|\ \
| |/
|/| |
Add profiles for build-systems (/package-managers)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Profiles: bunler, cargo (refactor), cmake (untested), make, meson, pip
All redirect to build-systems-common.profile
Other fixes:
- blacklist ${HOME}/.bundle
- blacklist ${HOME}/.cargo/* -> blacklist ${HOME}/.cargo
- blacklist /usr/lib64/ruby
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* cheese
- fix: dbus-user.own org.gnome.Cheese
- fix: whitelist /usr/share/gstreamer-1.0
- fix: include allow-python3.inc
- hardening: include disable-shell.inc
- hardening: include whitelist-run-common.inc and whitelist /run/udev/data
- hardening: whitelist /usr/libexec/gstreamer-1.0/gst-plugin-scanner
- hardening: noinput
- hardening: nosound
- hardening: seccomp.block-secondary
- hardening: private-dev
* geekbench (closes #4576)
- fix: noblacklist /sbin and noblacklist /usr/sbin
- fix: noblacklist, blacklist, mkdir, whitelist, read-write ${HOME}/.geekbench5
- fix: comment/remove private-bin, private-lib, private-opt
* inkscape
- add quiet for cli usage
* musixmatch (#4518)
- allow chroot
* pandoc
- fix: include allow-bin-sh.inc
- fix: drop private-bin
- hardening: include whitelist-runuser-common.inc
- hardening: seccomp.block-secondary
|
| | |
|
|\ \
| |/
|/| |
Blacklist Exodus wallet
|
| | |
|
|/
|
|
|
|
|
|
|
|
| |
- disable-programs.inc: blacklist ${HOME}/.local/state/pipewire
If you did not yet noticed, on 08th May 2021 the XDG Base Directory
Specification 0.8 was resleased (the first update since 2010). New are
$XDG_STATE_HOME and $HOME/.local/bin.
- keepassxc: mkdirs are necessary
- gnote: harden
- pngquant: harden
|
|\
| |
| | |
create yt-dlp.profile
|
| | |
|