summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
...
* | asunder profileLibravatar netblue302018-03-17
|/
* more apparmor deploymentLibravatar Vincent432018-03-17
|
* apparmor deploymentLibravatar netblue302018-03-16
|
* Add a LibreOffice profile alias for BaseLibravatar Tad2018-03-15
|
* removing private-lib from evince, issue #1711Libravatar netblue302018-03-14
|
* fix private-etc in spotify profile - #1768Libravatar smitsohu2018-03-13
|
* fix qupzilla, falkon (seccomp, tracelog, private-tmp) - #1794, #1736Libravatar smitsohu2018-03-13
|
* fix unbound (ip-transparent option) - #1731Libravatar smitsohu2018-03-13
|
* harden kwriteLibravatar smitsohu2018-03-13
|
* noblacklist /etc/profile.d cleanupLibravatar netblue302018-03-13
|
* fix PROMPT_COMMAND for bash - this was the problem on CentOS that we needed ↵Libravatar netblue302018-03-13
| | | | to unblacklist /etc/profile.d; I'll do some cleanup in the next commit
* (Temporarily?) fix private-lib for evince. See #1711"eLibravatar Fred-Barclay2018-03-12
|
* Even more fixes for /etc/profileLibravatar Fred-Barclay2018-03-12
|
* More fixes for /etc/profile and mdweLibravatar Tad2018-03-12
| | | | | - Adds noblacklist /etc/profile.d to many profiles like 2e17082ba4b3399bf5d68bb75587934ea028cc5c and 970f739e2be202a39ab82f589d5773267b903de6 - Disables mdwe to workaround #1803 like 970f739e2be202a39ab82f589d5773267b903de6
* Merge branch 'master' of http://github.com/netblue30/firejailLibravatar netblue302018-03-12
|\
| * Add a profile for gnome-builderLibravatar Tad2018-03-12
| |
| * Remove mdwe from viewnior - fix #1808Libravatar Fred-Barclay2018-03-12
| |
* | bringing back private-lib in evince, and some fixes for Arch LinuxLibravatar netblue302018-03-12
|/
* fix bash on CentOS 7Libravatar startx20172018-03-12
|
* fix speller support in gedit profileLibravatar startx20172018-03-12
|
* Add a steam profile alias for steam-nativeLibravatar Tad2018-03-10
|
* Disable memory-deny-write-execute in evince profileLibravatar Vincent432018-03-07
| | | It started breaking application in Archlinux, see https://github.com/netblue30/firejail/issues/1803
* Add falkon profile - see #1794Libravatar Fred-Barclay2018-03-05
|
* Fix #1797 - Brave doesn't open with noexec /tmpLibravatar Fred-Barclay2018-03-05
|
* fix kioexec/krun for KDE authenticationLibravatar netblue302018-03-05
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2018-03-05
|\
| * Add VS Code profile - see request in #1139Libravatar Fred-Barclay2018-03-03
| |
| * Add netlink to protocol list and drop chroot from seccomp filter - should ↵Libravatar Fred-Barclay2018-03-02
| | | | | | | | | | | | | | | | fix #1792. Brackets no longer opens without netlink in the protocol list, or with chroot blacklisted by the seccomp filter (which this commit changes from 'seccomp' to 'seccomp.keep').
* | blacklist smartgit password file - #1796Libravatar smitsohu2018-03-05
|/
* let konsole access its settings - #1789Libravatar smitsohu2018-03-02
|
* cleanup: remove empty private-bin and private-etc linesLibravatar smitsohu2018-03-01
|
* add join-or-start to dolphin, okular and kwriteLibravatar smitsohu2018-03-01
| | | | fixes registration of d-bus services, closes #1391
* Fixup private-bin in start-tor-browser.profile after ↵Libravatar Tad2018-02-27
| | | | 63d455fbe6cfde2f97137f51b779d44f22cb4675
* Sync start-tor-browser with torbrowser-launcher profile'Libravatar Tad2018-02-27
| | | | | | start-tor-browser.profile should stay seperate from torbrowser-launcher for the case when downloaded manually. The other tor-browser-* are okay to extend torbrowser-launcher because their paths are known.
* Add ld.so.cache to torbrowser-launcher.profileLibravatar Tad2018-02-26
|
* Add ld.so.cache to firefox-common.profile, fixes #1767Libravatar smitsohu2018-02-26
|
* drop cap_mac_admin in apparmor profileLibravatar smitsohu2018-02-27
|
* Merge pull request #1787 from joelazar/masterLibravatar Fred Barclay2018-02-26
|\ | | | | .Xauthority moved from blacklist to read-only
| * .Xauthority moved from blacklist to read-onlyLibravatar joelazar2018-02-26
| |
* | Add join-or-start to kate (should fix #1784)Libravatar Fred-Barclay2018-02-24
| |
* | man page, README.md, RELNOTESLibravatar netblue302018-02-21
|/
* Minor bitcoin-qt nitpicks and update READMELibravatar Tad2018-02-20
|
* Revert "Also whitelist .bitcoin-testnet just in case"Libravatar Witold Baryluk2018-02-20
| | | | | | | | This reverts commit 254d2a9d9b6e752c0e3188fa90e4c5856eae5979. Testnet blockchain is in ~/.bitcoin/testnet3/ no need for anything else. And config is in ./.config/Bitcoin/Bitcoin-Qt-testnet.conf
* Also whitelist .bitcoin-testnet just in caseLibravatar Witold Baryluk2018-02-20
|
* Remove unecassary blacklist for bitcoin-qt config. Comment about private-libLibravatar Witold Baryluk2018-02-20
|
* Add a profile for Bitcoin Core QT client / walletLibravatar Witold Baryluk2018-02-20
|
* Add a profile for Vivaldi SnapshotLibravatar Witold Baryluk2018-02-20
|
* Apparmor: Allow log Firejail blacklist violationsLibravatar Vincent432018-02-19
|
* Log denied write access for easier debuggingLibravatar Vincent432018-02-19
| | | After more testing we can disable logging gain.
* Apparmor: blacklist /proc and /sys access from firejailLibravatar Vincent432018-02-19
| | | | | Firejail does blacklisting sensitive /proc and /sys files on its own: https://github.com/netblue30/firejail/blob/master/src/firejail/fs.c#L530 There is no need to duplicate this in apparmor using whitelisting approach which is much harder to do and needs never ending maintenance.
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-04 17:34:57 +0000