Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Allow Tor Browser to run /usr/bin/id (#3114) | creideiki | 2020-01-05 |
| | | | | | | | | | | | | | The start-tor-browser script tries to run /usr/bin/id to check that it isn't root before starting the browser. See https://gitweb.torproject.org/builders/tor-browser-build.git/tree/projects/tor-browser/RelativeLink/start-tor-browser?id=41fd236bbb7d3d75a27473f927be31f7dd8fdc99#n94 If id is not in the private-bin directory, the test still works by accident, but prints these error messages: ./Browser/start-tor-browser: line 94: id: command not found ./Browser/start-tor-browser: line 94: [: : integer expression expected Add id to the private-bin directory to make it run as intended. | ||
* | Use nowhitelist in sylpheed.profile | glitsj16 | 2020-01-05 |
| | | | Thanks @rusty-snake for the suggestion (see #3122). | ||
* | Turn sylpheed.profile into a (claws-mail) redirect | glitsj16 | 2020-01-04 |
| | |||
* | Tighten wusc in claws-mail.profile | glitsj16 | 2020-01-04 |
| | |||
* | Fix private-lib for gentoo in evince.profile | glitsj16 | 2020-01-04 |
| | | | Fixes #3121. | ||
* | Fix neverputt profile | Tad | 2020-01-04 |
| | |||
* | sylpheed: noblacklist ${HOME}/Mail (see #3122) | rusty-snake | 2020-01-04 |
| | |||
* | Add barrier profile (#3115) | Adrian L. Shaw | 2020-01-04 |
| | | | | | | | | | | | | | | | | | | | | * Add barrier.profile * Add newline before special options * Modify description * Add disable mount to barrier.profile * Address feedback from rusty-snake * Remove stray carriage return * Add noexec for /home/user and /tmp * Don't blacklist openssl * Remove redundant rules | ||
* | Gentoo fixes (#3120) | glitsj16 | 2020-01-04 |
| | | | | | | | | * fix private-etc on gentoo * Fix private-etc on gentoo * Fix evince on gentoo | ||
* | update pavucontrol | rusty-snake | 2020-01-03 |
| | | | | see #3112 | ||
* | ${HOME} whitelisting breaks settings in artha | glitsj16 | 2020-01-03 |
| | | | More background info in #3112. | ||
* | typo (wget) & fix (baobab) [skip ci] | rusty-snake | 2020-01-03 |
| | |||
* | fix #3110 | rusty-snake | 2020-01-03 |
| | |||
* | Get rid of #2302 (#3111) | rusty-snake | 2020-01-03 |
| | |||
* | fixup! Extra hardening for wget | rusty-snake | 2020-01-03 |
| | |||
* | Fix wusc in mpv (#3108) | Daniel M. Capella | 2020-01-03 |
| | | | Partly fixes #3107. | ||
* | Fix wusc in exiftool | glitsj16 | 2020-01-03 |
| | | | Arch puts files under /usr/share/perl-image-exiftool, whitelist that path for wusc. | ||
* | Fix wusc in weechat | glitsj16 | 2020-01-03 |
| | | | Partly fixes #3107 (the weechat part). | ||
* | Add artha log to disable-programs.inc | glitsj16 | 2020-01-02 |
| | |||
* | Fix artha | glitsj16 | 2020-01-02 |
| | | | I intentionally wanted to have this as a 'whitelist' profile. The only snag is that artha seems to generate ${HOME}/.config/artha.config.XXXXXX that I cannot whitelist upfront. Added notes to highlight this behaviour. | ||
* | Extra hardening for wget | glitsj16 | 2020-01-02 |
| | |||
* | Additional hardening for whois | glitsj16 | 2020-01-02 |
| | |||
* | Harden artha.profile | glitsj16 | 2020-01-02 |
| | |||
* | Harden aria2c.profile | glitsj16 | 2020-01-02 |
| | |||
* | Future-proof private-lib in gedit.profile | glitsj16 | 2020-01-02 |
| | | | Better fix for #3104 . | ||
* | Fix #3105 -- add allow-ruby.inc | rusty-snake | 2020-01-02 |
| | |||
* | fix gnome-maps | rusty-snake | 2020-01-02 |
| | |||
* | fix celluloid | rusty-snake | 2020-01-02 |
| | |||
* | harden whois.profile | rusty-snake | 2020-01-02 |
| | |||
* | Harden openshot | rusty-snake | 2020-01-02 |
| | |||
* | gnome-builder: fix build cache | rusty-snake | 2020-01-02 |
| | |||
* | Harden wget.profile | rusty-snake | 2020-01-02 |
| | |||
* | Fix private-lib in gedit.profile | glitsj16 | 2020-01-01 |
| | | | Fixes #3104. | ||
* | Make ${HOME}/.config/environment.d read-only | rusty-snake | 2019-12-30 |
| | |||
* | Harden file-roller | rusty-snake | 2019-12-29 |
| | |||
* | disable-devel: blacklist source-code | rusty-snake | 2019-12-29 |
| | |||
* | Add appimage fix to electrum.profile | glitsj16 | 2019-12-29 |
| | |||
* | Update private-bin in tar.profile | glitsj16 | 2019-12-26 |
| | |||
* | Add login.defs to private-etc | glitsj16 | 2019-12-26 |
| | |||
* | Merge pull request #3093 from smitsohu/join | smitsohu | 2019-12-25 |
|\ | | | | | add join timeout and make it configurable | ||
| * | make join timeout configurable in firejail.config | smitsohu | 2019-12-23 |
| | | |||
* | | Fix private-lib in gconf.profile | glitsj16 | 2019-12-25 |
| | | |||
* | | Update description in p7zip.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add decription in 7zr.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add description in 7za.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add description in 7z.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add ephemeral profile (#3094) | glitsj16 | 2019-12-23 |
| | | | | | | | | | | | | | | | | * Create ephemeral.profile * Add ephemeral.profile * Add ephemeral.profile | ||
* | | Fix comments in thunderbird.profile | glitsj16 | 2019-12-21 |
| | | |||
* | | Add gfeeds.profile | rusty-snake | 2019-12-20 |
| | | |||
* | | add publicsuffix to wusc | rusty-snake | 2019-12-20 |
| | |