Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Update disable-programs.inc | 2018-10-11 | |
| | |||
* | Create QMediathekView | 2018-10-11 | |
| | |||
* | Write-protection for thumbnailer dir see #2143 (#2144) | 2018-10-07 | |
| | |||
* | Fixes #2048 | 2018-10-03 | |
| | |||
* | Fixes #2048 | 2018-10-03 | |
| | |||
* | AppArmor: Allow writing to removable media | 2018-10-02 | |
| | |||
* | fixed discord not able to check for updates | 2018-10-02 | |
| | |||
* | Add profile for spectre-meltdown-checker | 2018-09-22 | |
| | | | | Will need to support allow-debuggers in profiles before it can be enabled in firecfg | ||
* | Misc profile hardening | 2018-09-19 | |
| | |||
* | add start-tor-browser.desktop profile | 2018-09-15 | |
| | |||
* | Amend gnome-music profile | 2018-09-14 | |
| | | | | | | | - At least gnome-music 3.28.2 requires 'env' - Add 'gio-launch-desktop' and 'yelp' so launching the "Help" menu doesn't crash the application - Enabling the disabled private-etc tested to be working | ||
* | add switch to disable/enable private-cache | 2018-09-10 | |
| | |||
* | remove blacklist /usr/lib/llvm* in dusable-devel.inc - problems with ↵ | 2018-09-07 | |
| | | | | hardware acceleration on Radeon cards, see issue #2106 | ||
* | Disable tracelog in Tor Browser profiles, see #1930, fixes #2108 | 2018-09-06 | |
| | |||
* | adding fluxbox, blackbox, awesome, i3 profiles | 2018-09-03 | |
| | |||
* | Merge pull request #2104 from matu3ba/profiles | 2018-09-03 | |
|\ | | | | | hardening evince, dbus not needed | ||
| * | hardening evince, dbus not needed | 2018-09-01 | |
| | | |||
* | | Merges | 2018-09-03 | |
| | | |||
* | | created jdownloader profile (#2105) | 2018-09-03 | |
|/ | | | | | | | | * created jdownloader profile * fixed some issues * few more changes | ||
* | added whois and dig profiles | 2018-08-30 | |
| | |||
* | apparmor: cleanup /home path | 2018-08-29 | |
| | |||
* | spotify.profile: allow /etc/hosts | 2018-08-28 | |
| | |||
* | apparmor: disable exec from home by default | 2018-08-27 | |
| | | | Executing from /home was supposed to be disabled by default | ||
* | apparmor: improve rules for filesystem access | 2018-08-27 | |
| | | | | | * Make clear distinction for read, write and execute. * Don't allow write and execute at the same time. * Simplify and improve syntax to catch more exceptions with fewer rules | ||
* | Add private-bin to 0ad | 2018-08-26 | |
| | |||
* | Fixup obs.profile (no python) | 2018-08-23 | |
| | |||
* | Create pybitmessage.profile (#2092) | 2018-08-23 | |
| | | | tested on fedora-28 with pybitmessage 0.6.3.2 | ||
* | Update disable-common.inc | 2018-08-23 | |
| | |||
* | Misc fixes | 2018-08-22 | |
| | |||
* | fix microphone in slack profile - #2034 | 2018-08-23 | |
| | |||
* | Update steam.profile to support proton/steamplay | 2018-08-21 | |
| | |||
* | Document how to access local mail with thunderbird and claws-mail (fixes #1509) | 2018-08-20 | |
| | |||
* | Simplify fix for #2062 | 2018-08-20 | |
| | |||
* | Add a profile for ClamTK | 2018-08-19 | |
| | |||
* | Minor steam.profile fixup from downstream ParrotSec fork | 2018-08-19 | |
| | |||
* | Fixup f9aeac080a830fc1aaf07f0beff781a1ed7e42ad | 2018-08-19 | |
| | |||
* | qutebrowser.profile: noblacklist /usr/lib/llvm | 2018-08-19 | |
| | | | Fixes https://github.com/netblue30/firejail/issues/2087 | ||
* | Revert "apparmor fix: somehow it cannot find the firejail profile to load it" | 2018-08-19 | |
| | | | | | | | | | | | | This reverts commit 949a221a1b92e422e6dcb7ea6089ed5c8d5cc22a. The 'firejail-default' is the name of 'unnatached' profile not path to it. Moreover names starting with '/' are changing profile type back to 'standard' which in this case means we literally create profile for the profile file itself '/etc/apparmor.d/firejail-default'. That means firejail would never load this profile to contain any app thus we have to revert this. For more info, see https://www.suse.com/documentation/sles-15/singlehtml/book_security/book_security.html#sec.apparmor.profiles.types.unattached | ||
* | Fix for #2062 | 2018-08-19 | |
| | |||
* | apparmor fix: somehow it cannot find the firejail profile to load it | 2018-08-19 | |
| | |||
* | wireshark.profile: enable apparmor | 2018-08-15 | |
| | |||
* | apparmor: cleanup duplicate rules | 2018-08-15 | |
| | | | Those are already covered with https://github.com/netblue30/firejail/blob/0.9.56-rc1/etc/firejail-default#L33 | ||
* | apparmor: allow execution from /usr/lib64 | 2018-08-15 | |
| | | | /usr/lib64 was missing from execution whitelist and it's used in openSUSE, see https://github.com/netblue30/firejail/issues/2078 | ||
* | Merge pull request #2081 from SkewedZeppelin/descriptions | 2018-08-14 | |
|\ | | | | | Add descriptions to profiles | ||
| * | Cleanup descriptions | 2018-08-13 | |
| | | |||
| * | Add descriptions to profiles, pulled from Arch Linux | 2018-08-13 | |
| | | |||
| * | Add descriptions to profiles, pulled from Ubuntu 18.04 | 2018-08-13 | |
| | | |||
* | | spotify.profile: remove /sys from blacklist | 2018-08-14 | |
| | | | | | | Blacklisting whole /sys is too restrictive, it may break various graphics stacks, see https://github.com/netblue30/firejail/issues/2080 | ||
* | | Add seccomp line from firefox-common to Tor Browser profiles | 2018-08-14 | |
|/ | | | | - The next version of TBB is based on Firefox 60 and will need the same changes to prevent breakage | ||
* | Add profile for electrum0.9.56-rc1 | 2018-08-13 | |
| | | | | + minor nitpicks to beaker.profile |