| Commit message (Collapse) | Author | Age |
|\
| |
| | |
tighten private-bin and etc for torbrowser-launcher.profile
|
| | |
|
|/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* nano: add quiet option
* ffmpegthumbnailer: fix quiet leakage
* ffplay: fix quiet leakage
* ffprobe: fix quiet leakage
* rnano: fix quiet leakage
* qt-faststart: fix quiet leakage
* scp: fix quiet leakage
* sftp: fix quiet leakage
* transmission-create: fix quiet leakage
* transmission-edit: fix quiet leakage
* transmission-remote-cli: fix quiet leakage
* transmission-remote-gtk: fix quiet leakage
* dnscrypt-proxy: add quiet option
* dnsmasq: add quiet option
* seahorse-daemon: add quiet option
* xpra: add quiet option
* Xephyr: add quiet option
* Xvfb: add quiet option
|
| |
|
|
|
| |
https://forums.whonix.org/t/automatically-firejailing-tor-browser/4767/29
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix potential leakage of quiet option in 7za
* Fix potential leakage in quiet option for 7zr
* Fix potential leakage in quiet option for p7zip
* Fix potential leakage in quiet option for acat
* Fix potential leakage in quiet option for adiff
* Fix potential leakage in quiet option for als
* Fix potential leakage in quiet option for apack
* Fix potential leakage in quiet option for arepack
* Fix potential leakage in quiet option for aunpack
* Fix potential leakage in quiet option for lrunzip
* Fix potential leakage in quiet option for lrz
* Fix potential leakage in quiet option for lrzcat
* Fix potential leakage in quiet option for lrzip
* Fix potential leakage in quiet option for lrztar
* Fix potential leakage in quiet option for lrzuntar
* Fix potential leakage in quiet option for zpaq
|
| |
|
| |
|
| |
|
|
|
|
|
| |
VirtualBox has several setuid binaries which need cap_sys_admin, cap_net_raw and cap_sys_nice to work properly.
Fixes https://github.com/netblue30/firejail/issues/2868
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
* Create unzstd.profile
* Add unzstd to firecfg.config
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Create zstd.profile
* Create pzstd.profile
* Create zstdcat.profile
* Create zstdgrep.profile
* Create zstdless.profile
* Create zstdmt.profile
* Add zstd and its redirect profiles to firecfg.config
|
| |
|
| |
|
|
|
|
| |
Every time QOwnNotes was started, setup Wizard was shown. Log shown:
`Warning: cannot create xxx.config directory`
|
| |
|
|
|
|
|
|
|
|
| |
* added 'noblacklist ${PICTURES}' to mpv.profile
* Update mpv.profile
fix typo
|
|
|
|
|
|
|
| |
the commit in question introduced an early check of Firejail configuration
file, which broke "firejail in firejail" for some sandboxes.
see issue #2877
|
| |
|
|
|
|
| |
* Fix #2866 -- private-etc needed os-release,redhat-release,system-release,system-release-cpe
|
|\
| |
| | |
Create rsync.profile
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
- fix sorting and private-etc, thanks to @glitsj16 for catching this
- add some missing to private-bin in firefox (still need more testing)
|
| |
| |
| |
| |
| |
| | |
- add a private-bin to firefox for fedora (still need testing)
- add a temporary workaround for #2877 ghostwriter sience this break export and preview with pandoc
- remove 'name slack' from slack.profile sience this is the only profile with name
|
|\ \
| | |
| | | |
Add Whalebird profile
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- pluma: sync private-lib from gedit to fix crashes
5e220b2da502bdcaf0f6188779e8bb0e37c9c414
- checkbashisms: fix missing library needed under CentOS 7
of note:
- yelp complains about /etc/pki but lacks network access anyway
under openSUSE Tumbleweed
- gedit is broken, see #2207
- onionshare-gui is broken, unrelated to firejail
under CentOS 7
- chromium-common is broken, commenting private-dev fixes,
potentially related to firejail, there are SELinux denials
for /dev/urandom
under Fedora and CentOS 7
- gnome-system-log is broken, as it is a script that calls logview
using pkexec, consider commenting in firecfg?
|
|\ \ \
| | | |
| | | | |
Add new Tor Browser alias
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- tor-browser in the AUR is an international package; all other
individual language variants have been removed, so, add new alias
- Add 'tor-browser' and 'mv' to private-bin in launcher profile ('mv' is
required when upgrading tor-browser versions)
- Add 'tor-browser' to firecfg.config
- Add config dir to disable-programs.inc
|
|/ /
| |
| |
| | |
itch now also uses ~/.itch for application updates
|
| |
| |
| |
| |
| |
| | |
- Add Zulip config dir to disable-programs.inc
- Add disable-xdg.inc to Zulip profile
- Add Zulip to firecfg.config
|
| | |
|
| | |
|
| | |
|
|/
|
| |
The `private-cache` option breaks electron related builds (see [this](https://github.com/minbrowser/min/issues/793) for an example).
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| | |
* remove mincore
* add @default without chroot
* add @default-nodebuggers without chroot
|
|/
|
|
|
|
| |
users not in firejail.users should only see the error,
not the symlink warning. Also exposes less code to non-
authorized users.
|