| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
| |
* Create gist.profile
* Add gist config to disable-programs.inc
* Add gist to firecfg.config
* Update RELNOTES
* Update README.md
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
AppArmor security relies on path based rules and rewriting paths
may allow to bypass them.
Those actions are priveliged so vast majority of apps shouldn't need
them anyway. If some app need those rules then it's better to
consider them as unsuitable for apparmor option rather than weaken
generic profile for all apps.
See related issue reported by apparmor usage in snap:
https://bugs.launchpad.net/snapd/+bug/1791711
|
| |
|
|
|
|
|
|
| |
* Create unf.profile
* Add unf to firecfg.config
|
|
|
|
|
|
|
|
| |
* Create gmpc.profile
* Add gmpc config to disable-programs.inc
* Add gmpc to firecfg.config
|
|
|
|
|
|
|
|
| |
* Create drawio.profile
* Add drawio config to disable-programs.inc
* Add drawio to firecfg.config
|
|
|
|
|
|
| |
* Create ddgtk.profile
* Add ddgtk to firecfg.config
|
|
|
|
|
|
| |
* Create cameramonitor.profile
* Add cameramonitor to firecfg.config
|
|
|
|
|
|
| |
* Create audio-recorder.profile
* Add audio-recorder to firecfg.config
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* Create electron-mail.profile
* Add electron-mail to disable-programs.inc
* Add electron-mail to firecfg.config
|
| |
|
|
|
|
|
|
|
|
| |
* Add babl/gegl caches for gimp
* Add gir-1.0 to wusc
* Add babl/gegl support to gimp.profile
|
|\
| |
| | |
RFC: profiles: allow nc in ssh profile by default
|
| | |
|
|\ \
| | |
| | | |
Resolve #3029: drop outdated Skype profile
|
| | | |
|
| | | |
|
| |/
|/| |
|
| |
| |
| |
| | |
second line of defense, as there is always a pid namespace, too
|
| |
| |
| |
| |
| |
| |
| |
| | |
writing in /run/firejail/profile has always been restricted to root user,
and in addition this folder is blacklisted since recently; @{profile_name}
is built-in and adds a bit of flexibility; apparmor cannot be used to
restrict directory search permission, so add more rules for sensitive
paths
|
|\ \ |
|
| | |
| | |
| | | |
Fixes #3038.
|
|/ / |
|
|\| |
|
| |
| |
| |
| | |
close #2988
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
| |
html5, flash and widevine media support unavailable since vivaldi 2.9
|
| |
|
|
|
|
| |
scripting, even though it is written in C, maybe another fix would be better
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update QOwnNotes.profile
Fix startup problem in Ubuntu 19.10:
"bus[17]: D-Bus library appears to be incorrectly set up: see the manual page for dbus-uuidgen to correct this issue. (Failed to open "/var/lib/dbus/machine-id": Datei oder Verzeichnis nicht gefunden; Failed to open "/etc/machine-id": Datei oder Verzeichnis nicht gefunden)
D-Bus not built with -rdynamic so unable to print a backtrace"
* Update etc/QOwnNotes.profile
Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Grant wusc access to perl in spectre-meltdown.profile
* Grant wusc access to perl for exiftool.profile
* Grant wusc access to perl for conplay.profile
* Grant wusc access to perl for clawsker.profile
* Grant wusc access to perl for checkbashisms.profile
|
|
|
| |
Fixes #3015
|
|
|
|
|
|
|
|
| |
* Fix ebook-viewer on manjaro
closes #2996
* Move fix to calibre.profile
|