Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Harden openshot | rusty-snake | 2020-01-02 |
| | |||
* | gnome-builder: fix build cache | rusty-snake | 2020-01-02 |
| | |||
* | Harden wget.profile | rusty-snake | 2020-01-02 |
| | |||
* | Fix private-lib in gedit.profile | glitsj16 | 2020-01-01 |
| | | | Fixes #3104. | ||
* | Make ${HOME}/.config/environment.d read-only | rusty-snake | 2019-12-30 |
| | |||
* | Harden file-roller | rusty-snake | 2019-12-29 |
| | |||
* | disable-devel: blacklist source-code | rusty-snake | 2019-12-29 |
| | |||
* | Add appimage fix to electrum.profile | glitsj16 | 2019-12-29 |
| | |||
* | Update private-bin in tar.profile | glitsj16 | 2019-12-26 |
| | |||
* | Add login.defs to private-etc | glitsj16 | 2019-12-26 |
| | |||
* | Merge pull request #3093 from smitsohu/join | smitsohu | 2019-12-25 |
|\ | | | | | add join timeout and make it configurable | ||
| * | make join timeout configurable in firejail.config | smitsohu | 2019-12-23 |
| | | |||
* | | Fix private-lib in gconf.profile | glitsj16 | 2019-12-25 |
| | | |||
* | | Update description in p7zip.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add decription in 7zr.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add description in 7za.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add description in 7z.profile | glitsj16 | 2019-12-24 |
| | | |||
* | | Add ephemeral profile (#3094) | glitsj16 | 2019-12-23 |
| | | | | | | | | | | | | | | | | * Create ephemeral.profile * Add ephemeral.profile * Add ephemeral.profile | ||
* | | Fix comments in thunderbird.profile | glitsj16 | 2019-12-21 |
| | | |||
* | | Add gfeeds.profile | rusty-snake | 2019-12-20 |
| | | |||
* | | add publicsuffix to wusc | rusty-snake | 2019-12-20 |
| | | |||
* | | Fix Brave's native sandbox (#3087) | glitsj16 | 2019-12-19 |
| | | | | | | | | | | | | | | | | | | | | * Allow user access to /proc/config.gz * Fix Brave's native sandbox * Move /proc/config.gz to disable-common.inc * Move /proc/config.gz to disable-common.inc | ||
* | | Fix private-etc ordering in seahorse-tool | glitsj16 | 2019-12-19 |
| | | |||
* | | Create gtk-update-icon-cache.profile | rusty-snake | 2019-12-19 |
| | | |||
* | | fix seahorse-tool | rusty-snake | 2019-12-19 |
| | | |||
* | | Update baobab.profile | rusty-snake | 2019-12-19 |
| | | |||
* | | Update disable-programs.inc | glitsj16 | 2019-12-19 |
| | | |||
* | | Update brave.profile | glitsj16 | 2019-12-19 |
| | | |||
* | | Add brave redirect profiles (#3088) | glitsj16 | 2019-12-18 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add more brave redirects to firecfg.config These redirects are found on Debian/Ubuntu when enabling the official Brave repositories cfr. https://brave-browser.readthedocs.io/en/latest/installing-brave.html#linux * Create brave-browser-beta.profile * Create brave-browser-dev.profile * Create brave-browser-nightly.profile * Create brave-browser-stable.profile | ||
* | | Fix description ordering in brave.profile | glitsj16 | 2019-12-16 |
| | | |||
* | | Add gzip redirect profiles (#3083) | glitsj16 | 2019-12-16 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Create gzexe.profile * Create uncompress.profile * Create zcat.profile * Create zcmp.profile * Create zdiff.profile * Create zegrep.profile * Create zfgrep.profile * Create zforce.profile * Create zgrep.profile * Create zless.profile * Create zmore.profile * Create znew.profile | ||
* | | wine: enable allow-debuggers by default - #446 | smitsohu | 2019-12-11 |
| | | |||
* | | gpg additions (#3077) | glitsj16 | 2019-12-10 |
| | | | | | | | | | | | | | | | | * Add 'quiet' to gpg.profile * Add 'quiet' to gpg-agent.profile * Create gpg2.profile | ||
* | | Fix DeVeDe-NG export | rusty-snake | 2019-12-06 |
| | | | | | | | | It is better to comment wusc in ffmpeg? | ||
* | | fix brasero | rusty-snake | 2019-12-06 |
| | | |||
* | | Merge pull request #3065 from the-antz/profile-thunderbird-wayland | smitsohu | 2019-12-03 |
|\ \ | | | | | | | Minor profile tweaks. | ||
| * | | Minor profile tweaks. | Antz | 2019-11-26 |
| | | | | | | | | | | | | thunderbird-wayland profile did not include thunderbird-wayland.local | ||
* | | | libreoffice aliasen | rusty-snake | 2019-11-28 |
| | | | |||
* | | | Fix profile: ffmpeg (#3064) | the-antz | 2019-11-27 |
|/ / | | | | | Fix broken libx265 encoding (needs the set_mempolicy syscall). | ||
* | | blacklist /tmp/.X11-unix in gist.profile | glitsj16 | 2019-11-25 |
| | | | | | | Thanks to @rusty-snake for requesting this in https://github.com/netblue30/firejail/pull/3061. | ||
* | | Add redirect profile for gist-paste (#3062) | glitsj16 | 2019-11-25 |
| | | |||
* | | Add new profile: gist (#3061) | glitsj16 | 2019-11-25 |
| | | | | | | | | | | | | | | | | | | | | | | | | * Create gist.profile * Add gist config to disable-programs.inc * Add gist to firecfg.config * Update RELNOTES * Update README.md | ||
* | | blacklist gksu, gksudo, kdesudo | rusty-snake | 2019-11-25 |
| | | |||
* | | various fixups | rusty-snake | 2019-11-25 |
| | | |||
* | | apparmor: misc fix for pcscd | Vincent43 | 2019-11-24 |
| | | |||
* | | apparmor: don't allow mounts and paths manipulation | Vincent43 | 2019-11-24 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | AppArmor security relies on path based rules and rewriting paths may allow to bypass them. Those actions are priveliged so vast majority of apps shouldn't need them anyway. If some app need those rules then it's better to consider them as unsuitable for apparmor option rather than weaken generic profile for all apps. See related issue reported by apparmor usage in snap: https://bugs.launchpad.net/snapd/+bug/1791711 | ||
* | | apparmor: allow access to pcscd socket (smartcards) | Vincent43 | 2019-11-24 |
| | | |||
* | | Add new profile: unf (#3060) | glitsj16 | 2019-11-24 |
| | | | | | | | | | | | | * Create unf.profile * Add unf to firecfg.config | ||
* | | Add new profile: gmpc (#3059) | glitsj16 | 2019-11-24 |
| | | | | | | | | | | | | | | | | * Create gmpc.profile * Add gmpc config to disable-programs.inc * Add gmpc to firecfg.config | ||
* | | Add new profile: drawio (#3058) | glitsj16 | 2019-11-24 |
| | | | | | | | | | | | | | | | | * Create drawio.profile * Add drawio config to disable-programs.inc * Add drawio to firecfg.config |