aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* Update disable-programs.incLibravatar glitsj162018-10-11
|
* Create QMediathekViewLibravatar glitsj162018-10-11
|
* Write-protection for thumbnailer dir see #2143 (#2144)Libravatar curiosity-seeker2018-10-07
|
* Fixes #2048Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-10-03
|
* Fixes #2048Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-10-03
|
* AppArmor: Allow writing to removable mediaLibravatar Vincent432018-10-02
|
* fixed discord not able to check for updatesLibravatar veloute2018-10-02
|
* Add profile for spectre-meltdown-checkerLibravatar Tad2018-09-22
| | | | Will need to support allow-debuggers in profiles before it can be enabled in firecfg
* Misc profile hardeningLibravatar Tad2018-09-19
|
* add start-tor-browser.desktop profileLibravatar netblue302018-09-15
|
* Amend gnome-music profileLibravatar Jean Lucas2018-09-14
| | | | | | | - At least gnome-music 3.28.2 requires 'env' - Add 'gio-launch-desktop' and 'yelp' so launching the "Help" menu doesn't crash the application - Enabling the disabled private-etc tested to be working
* add switch to disable/enable private-cacheLibravatar smitsohu2018-09-10
|
* remove blacklist /usr/lib/llvm* in dusable-devel.inc - problems with ↵Libravatar netblue302018-09-07
| | | | hardware acceleration on Radeon cards, see issue #2106
* Disable tracelog in Tor Browser profiles, see #1930, fixes #2108Libravatar Tad2018-09-06
|
* adding fluxbox, blackbox, awesome, i3 profilesLibravatar netblue302018-09-03
|
* Merge pull request #2104 from matu3ba/profilesLibravatar netblue302018-09-03
|\ | | | | hardening evince, dbus not needed
| * hardening evince, dbus not neededLibravatar janph2018-09-01
| |
* | MergesLibravatar Tad2018-09-03
| |
* | created jdownloader profile (#2105)Libravatar veloute2018-09-03
|/ | | | | | | | * created jdownloader profile * fixed some issues * few more changes
* added whois and dig profilesLibravatar startx20172018-08-30
|
* apparmor: cleanup /home pathLibravatar Vincent432018-08-29
|
* spotify.profile: allow /etc/hostsLibravatar Vincent432018-08-28
|
* apparmor: disable exec from home by defaultLibravatar Vincent432018-08-27
| | | Executing from /home was supposed to be disabled by default
* apparmor: improve rules for filesystem accessLibravatar Vincent432018-08-27
| | | | | * Make clear distinction for read, write and execute. * Don't allow write and execute at the same time. * Simplify and improve syntax to catch more exceptions with fewer rules
* Add private-bin to 0adLibravatar Fred-Barclay2018-08-26
|
* Fixup obs.profile (no python)Libravatar Tad2018-08-23
|
* Create pybitmessage.profile (#2092)Libravatar 1dnrr2018-08-23
| | | tested on fedora-28 with pybitmessage 0.6.3.2
* Update disable-common.incLibravatar 1dnrr2018-08-23
|
* Misc fixesLibravatar Tad2018-08-22
|
* fix microphone in slack profile - #2034Libravatar smitsohu2018-08-23
|
* Update steam.profile to support proton/steamplayLibravatar Tad2018-08-21
|
* Document how to access local mail with thunderbird and claws-mail (fixes #1509)Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-08-20
|
* Simplify fix for #2062Libravatar Tad2018-08-20
|
* Add a profile for ClamTKLibravatar Tad2018-08-19
|
* Minor steam.profile fixup from downstream ParrotSec forkLibravatar Tad2018-08-19
|
* Fixup f9aeac080a830fc1aaf07f0beff781a1ed7e42adLibravatar Tad2018-08-19
|
* qutebrowser.profile: noblacklist /usr/lib/llvmLibravatar Vincent432018-08-19
| | | Fixes https://github.com/netblue30/firejail/issues/2087
* Revert "apparmor fix: somehow it cannot find the firejail profile to load it"Libravatar Vincent432018-08-19
| | | | | | | | | | | | This reverts commit 949a221a1b92e422e6dcb7ea6089ed5c8d5cc22a. The 'firejail-default' is the name of 'unnatached' profile not path to it. Moreover names starting with '/' are changing profile type back to 'standard' which in this case means we literally create profile for the profile file itself '/etc/apparmor.d/firejail-default'. That means firejail would never load this profile to contain any app thus we have to revert this. For more info, see https://www.suse.com/documentation/sles-15/singlehtml/book_security/book_security.html#sec.apparmor.profiles.types.unattached
* Fix for #2062Libravatar ಚಿರಾಗ್ ನಟರಾಜ್2018-08-19
|
* apparmor fix: somehow it cannot find the firejail profile to load itLibravatar netblue302018-08-19
|
* wireshark.profile: enable apparmorLibravatar Vincent432018-08-15
|
* apparmor: cleanup duplicate rulesLibravatar Vincent432018-08-15
| | | Those are already covered with https://github.com/netblue30/firejail/blob/0.9.56-rc1/etc/firejail-default#L33
* apparmor: allow execution from /usr/lib64Libravatar Vincent432018-08-15
| | | /usr/lib64 was missing from execution whitelist and it's used in openSUSE, see https://github.com/netblue30/firejail/issues/2078
* Merge pull request #2081 from SkewedZeppelin/descriptionsLibravatar netblue302018-08-14
|\ | | | | Add descriptions to profiles
| * Cleanup descriptionsLibravatar Tad2018-08-13
| |
| * Add descriptions to profiles, pulled from Arch LinuxLibravatar Tad2018-08-13
| |
| * Add descriptions to profiles, pulled from Ubuntu 18.04Libravatar Tad2018-08-13
| |
* | spotify.profile: remove /sys from blacklistLibravatar Vincent432018-08-14
| | | | | | Blacklisting whole /sys is too restrictive, it may break various graphics stacks, see https://github.com/netblue30/firejail/issues/2080
* | Add seccomp line from firefox-common to Tor Browser profilesLibravatar Tad2018-08-14
|/ | | | - The next version of TBB is based on Firefox 60 and will need the same changes to prevent breakage
* Add profile for electrum0.9.56-rc1Libravatar Tad2018-08-13
| | | | + minor nitpicks to beaker.profile
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-07 04:48:41 +0000