| Commit message (Collapse) | Author | Age |
|
|
| |
less is usually used to view various text files including configs so blacklisting many of them in ${HOME} make it less(sic!) usable. We can make them read-only instead.
|
|
|
|
|
|
|
| |
... instead of just blacklisting the X11 socket.
Systematically added to all profiles with 'net none' and
'blacklist /tmp/.X11-unix', and a few more
|
|
|
|
|
|
| |
* ~/.viminfo
* ~/.lesshst
* ~/.python_history
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Streamline include comment for 7z.profile
* Streamline include comment for gzip.profile
* Streamline include comment for less.profile
* Streamline include comment for strings.profile
* Streamline include comment for tar.profile
* Streamline include comment for unrar.profile
* Streamline include comment for unzip.profile
* Streamline include comment for uudeview.profile
* Streamline include comment for xzdec.profile
|
| |
|
|\
| |
| | |
Add nou2f to all profiles
|
| |
| |
| |
| | |
- Closes #2194
|
|/
|
|
| |
search for the file.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
* avoid including globals.local twice
|
|
|
|
| |
grep "cache" -L $(grep "redirect" -iL $(grep "whitelist" -RL))
|
| |
|
|
|
|
|
|
|
| |
see #1822 and #1825. also systematically replaces
'blacklist /run/user/*/bus' with 'nodbus'.
with contributions from @Fred-Barclay
|
| |
|
|
|
|
|
| |
systematically blacklist /run/user/*/bus in all profiles with
'net none'. targets distros like Fedora
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
- mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible
- mdwe also breaks most 3d accelerated programs such as 3d games
- mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference
-- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf
-- See https://github.com/nning/linux-pax-flags
|
|
|
|
|
| |
Hardened many profiles using disable-mnt and novideo
Fixed gnome-font-viewer
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|