aboutsummaryrefslogtreecommitdiffstats
path: root/etc/vlc.profile
Commit message (Collapse)AuthorAge
* matching noblacklist in profile files with blacklist in disable-programs.incLibravatar netblue302017-11-02
|
* fix vlc profileLibravatar netblue302017-10-25
|
* Tighten multiple profiles.Libravatar Fred-Barclay2017-10-04
| | | | | This adds whitelist-var-common, machine-id, memory-deny-write-execute, and noexec home and tmp when possible.
* whitelisting /varLibravatar netblue302017-09-17
|
* harmonize vlc and cvlcLibravatar smitsohu2017-08-22
|
* various profile fixesLibravatar smitsohu2017-08-22
|
* Fix comments in 88 profilesLibravatar Tad2017-08-07
| | | | There may actually be some other comments that were removed, but the bulk have been restored
* Unify all profilesLibravatar Tad2017-08-07
|
* various profile fixes (#1433)Libravatar Vladimir Schowalter2017-08-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * calibre: add netlink protocol (FB note: removed before merge) calibre started without netlink protocol throws following error in console: Exception in thread Thread-8: Traceback (most recent call last): File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner self.run() File "/usr/lib/calibre/calibre/utils/mdns.py", line 43, in run _all_ip_addresses = self.get_all_ips() File "/usr/lib/calibre/calibre/utils/mdns.py", line 27, in get_all_ips for x in netifaces.interfaces(): OSError: [Errno 95] Operation not supported * mpv: add nogroups, tracelog, ipc-namespace, private-dev I used testes all above options and didn't noticed any breakage. * qbittorrent: add netlink protocol, private-etc Netlink protocol is needed if user select to bind specific network interface in config. Otherwise it throws an error in qbittorent log: The network interface defined is invalid: tun0 Example private-etc is added but commented out by default. It's tested but as there are many different system configurations users should enable it manually. * vlc: disable memory-deny-write-execute With memory-deny-write-execute vlc freezes after loading video file. According to https://github.com/VladimirSchowalter20/firejail/commit/b18f42ab0236de7eed5888f43ba36cdaf990cbca memory-deny-write-execute is similar to PAX mprotect feature and linked github project explicitly disables that feature for vlc binary, see https://github.com/copperhead/paxd-archive/commit/deb39e0b91996e2e9c7917b3543030880cd476f4 * Update vlc.profile * wine: add nogroups Nogroups should be safe addition for wine * wireshark: allow users to run wireshark as non-root Wireshark can be run unprivileged when user is part of wireshark group. Unfortunately enabling nogroups,nonewprivs and seccomp will break it with permissions errors. Also added example private-etc option which is commented out by default for now. * cosmetic fix * mpv: comment out ipc-namespace for now As requested in review https://github.com/netblue30/firejail/pull/1433#discussion_r131550515 * calibre: disable netlink protocol It throws an error but actual breakage isn't observed for now.
* Initial adding of memory-deny-write-execute to profilesLibravatar Tad2017-08-02
| | | | | | | | - mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible - mdwe also breaks most 3d accelerated programs such as 3d games - mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference -- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf -- See https://github.com/nning/linux-pax-flags
* Uncomment private-dev for vlc profile.Libravatar Fred Barclay2017-06-15
| | | | Since private-dev now allows video devices, we can probably enable private-dev in the profile.
* added /etc/firejail/globals.local for global customizationsLibravatar netblue302017-05-23
|
* Fix VLC GUI artifacts #1277Libravatar Tad2017-05-17
|
* Harden more profilesLibravatar Tad2017-04-17
|
* Harden 19 more profilesLibravatar Tad2017-04-15
|
* added Geeqie profileLibravatar netblue302017-03-05
|
* persistent support for all profile filesLibravatar netblue302017-02-09
|
* profile mergesLibravatar netblue302017-01-20
|
* bugfix: crashing vlc when pressing Ctrl-OLibravatar netblue302016-11-09
|
* vlc profile fixLibravatar netblue302016-10-09
|
* tested and stableLibravatar Fred-Barclay2016-09-01
|
* tightened vlcLibravatar Fred-Barclay2016-08-05
|
* private-bin conversionLibravatar netblue302016-06-10
|
* private-bin conversionLibravatar netblue302016-06-10
|
* merged Various #542 pull request from Fred-BarclayLibravatar netblue302016-05-31
|
* profiles: Add nonewprivs where sensibleLibravatar The Fox in the Shell2016-05-25
|
* delete blacklist wine from profilesLibravatar avoidr2016-04-12
|
* introducing disable-passwdmgr.incLibravatar netblue302016-03-28
|
* consolidated disable-terminals into disable-commonLibravatar netblue302016-03-27
|
* consolidating disable-mgmt and disable-sercret into disable-commonLibravatar netblue302016-03-26
|
* profile workLibravatar netblue302016-03-26
|
* profile updateLibravatar netblue302016-03-12
|
* profiles cleanupLibravatar netblue302016-03-05
|
* split out terminal blacklisting in disable-terminals.incLibravatar netblue302016-02-12
|
* added disable-devel.incLibravatar netblue302015-11-01
|
* merged disable-history.inc into disable-common.incLibravatar netblue302015-10-30
|
* enable --protocol by default in profilesLibravatar netblue302015-10-28
|
* disabled Wine and VirtualBox in default profilesLibravatar netblue302015-09-24
|
* fixesLibravatar netblue302015-09-24
|
* security profile workLibravatar netblue302015-09-24
|
* disable-history.inc integration - included in all profile filesLibravatar netblue302015-08-12
|
* Baseline firejail 0.9.28Libravatar netblue302015-08-08
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-02 18:53:00 +0000