aboutsummaryrefslogtreecommitdiffstats
path: root/etc/strings.profile
Commit message (Collapse)AuthorAge
* rework strings.profileLibravatar rusty-snake2019-11-10
| | | | close #2988
* many profile fixes (1)Libravatar rusty-snake2019-08-26
| | | | | | | | | | | | | | | | - add novideo to a lot of profiles (there are still more profiles where novideo can be added) - remove commente mdwe from some gnome applications - add descriptions to some profiles - blacklist ${HOME}/.cargo/credentials - move ${HOME}/.git-credentials and ${HOME}/.git-credential-cache to 'top secret' in disable-common.inc - some ordering in disable-programs.inc - merge tor browser blacklists to ${HOME}/.tor-browser* - qupzilla.profile redirect to falkon.profile - blacklist gnome-builder paths - fix transmission profiles inlude - much more
* harden strings profileLibravatar smitsohu2019-08-25
|
* use 'x11 none' optionLibravatar smitsohu2019-06-18
| | | | | | | ... instead of just blacklisting the X11 socket. Systematically added to all profiles with 'net none' and 'blacklist /tmp/.X11-unix', and a few more
* many profile cleanupsLibravatar rusty-snake2019-06-02
|
* harden clamtk profile, strings profile cleanupLibravatar smitsohu2019-03-15
|
* profile hardening: add disable-exec.inc in more placesLibravatar smitsohu2019-03-15
|
* Add fakeroot support for makepkg on Arch (#2536)Libravatar glitsj162019-03-07
| | | | | | | | * Add fakeroot support to patch.profile * Add fakeroot support to strings.profile * Add fakeroot support to tar.profile
* Streamline Include comment for relevant profiles (#2474)Libravatar glitsj162019-02-25
| | | | | | | | | | | | | | | | | | | | * Streamline include comment for 7z.profile * Streamline include comment for gzip.profile * Streamline include comment for less.profile * Streamline include comment for strings.profile * Streamline include comment for tar.profile * Streamline include comment for unrar.profile * Streamline include comment for unzip.profile * Streamline include comment for uudeview.profile * Streamline include comment for xzdec.profile
* Add alternatives to private-etc for profiles in etc/Libravatar Fred-Barclay2019-02-17
| | | | See discussion in #2399
* Merge pull request #2201 from SkewedZeppelin/u2f-apLibravatar netblue302018-10-17
|\ | | | | Add nou2f to all profiles
| * Add nou2f to all profilesLibravatar Tad2018-10-15
| | | | | | | | - Closes #2194
* | Remove "/etc/firejail/" from all include paths, now that profile_read will ↵Libravatar Glenn Washburn2018-10-17
|/ | | | search for the file.
* Harden strings.profileLibravatar glitsj162018-10-11
|
* don't include globals.local twice (take two) (#2010)Libravatar glitsj162018-06-24
| | | | | | | | | | | | | | | | | | | | * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice * avoid including globals.local twice
* recalibrate dbus access, deploy nodbus optionLibravatar smitsohu2018-03-28
| | | | | | | see #1822 and #1825. also systematically replaces 'blacklist /run/user/*/bus' with 'nodbus'. with contributions from @Fred-Barclay
* disable non-abstract session bus addressLibravatar smitsohu2017-10-22
| | | | | systematically blacklist /run/user/*/bus in all profiles with 'net none'. targets distros like Fedora
* added private-lib to eog, eom, file, gpicview, less, strings, and tarLibravatar netblue302017-10-16
|
* make deb; fixed strings profileLibravatar netblue302017-08-23
|
* Merge pull request #1466 from SpotComms/fixndLibravatar Fred Barclay2017-08-13
|\ | | | | Fix nodvd placement
| * Fix nodvd placementLibravatar Tad2017-08-13
| |
* | Harden 17 profiles using private-binLibravatar Tad2017-08-13
|/
* added nodvd to most profilesLibravatar netblue302017-08-13
|
* Fix notv placementLibravatar Tad2017-08-11
|
* added notv to most profilesLibravatar netblue302017-08-11
|
* Unify all profilesLibravatar Tad2017-08-07
|
* Initial adding of memory-deny-write-execute to profilesLibravatar Tad2017-08-02
| | | | | | | | - mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible - mdwe also breaks most 3d accelerated programs such as 3d games - mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference -- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf -- See https://github.com/nning/linux-pax-flags
* Harden 50 profilesLibravatar Tad2017-07-04
| | | | | Hardened many profiles using disable-mnt and novideo Fixed gnome-font-viewer
* fix quiet in profilesLibravatar netblue302017-06-08
|
* added /etc/firejail/globals.local for global customizationsLibravatar netblue302017-05-23
|
* persistent support for all profile filesLibravatar netblue302017-02-09
|
* hardened various profilesLibravatar valoq2016-12-21
|
* quiet fixLibravatar netblue302016-11-29
|
* squash attempt 2Libravatar Fred-Barclay2016-10-24
|
* removed private-tmp from sysutilsLibravatar netblue302016-10-03
|
* added back strings profileLibravatar netblue302016-08-25
|
* removed strings profileLibravatar netblue302016-08-11
|
* added quiet profile commandLibravatar netblue302016-08-01
|
* nosoundLibravatar netblue302016-07-08
|
* sysutilsLibravatar netblue302016-06-28
|
* cpio, gzip, strings, xzdecLibravatar netblue302016-06-27
|
* strings, cpio, gzip, xz profilesLibravatar netblue302016-06-26
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 17:44:36 +0000