aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* Merge pull request #1426 from VladimirSchowalter20/masterLibravatar startx20172017-08-02
|\ | | | | Apparmor: add local configuration
| * Minor fix for completnessLibravatar Vladimir Schowalter2017-08-02
| |
| * Apparmor: add local configurationLibravatar Vladimir Schowalter2017-08-02
| |
* | Merge pull request #1424 from ↵Libravatar startx20172017-08-02
|\ \ | | | | | | | | | | | | VladimirSchowalter20/VladimirSchowalter20-apparmor-kde-fix Apparmor: update whitelist path for kde
| * | Apparmor: update whitelist path for kdeLibravatar Vladimir Schowalter2017-08-02
| |/
* | Add rambox profile from #1425Libravatar Fred Barclay2017-08-02
| |
* | FixesLibravatar Fred-Barclay2017-08-02
| |
* | Add back net none/netfilter as neededLibravatar Fred-Barclay2017-08-02
| |
* | Partially synchronize Chromium-based profilesLibravatar Tad2017-08-02
| |
* | Add noexec to more profiles as tested by @curiosity-seekerLibravatar Tad2017-08-02
| | | | | | | | See https://github.com/netblue30/firejail/pull/1367#issuecomment-315793729
* | Initial adding of memory-deny-write-execute to profilesLibravatar Tad2017-08-02
| | | | | | | | | | | | | | | | - mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible - mdwe also breaks most 3d accelerated programs such as 3d games - mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference -- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf -- See https://github.com/nning/linux-pax-flags
* | Harden profilesLibravatar Tad2017-08-02
|/ | | | | | | | - Added 'disable-devel.conf' to many profiles - Added 'disable-mnt' to many profiles - Added 'noexec' to many profiles - Removed 'netfilter' and 'net none' from profiles with 'protocol unix' - Cleaned up profiles using defaults
* x11/xpra supportLibravatar netblue302017-08-01
|
* Add some /proc dirs to firejail apparmor profileLibravatar Vladimir Schowalter2017-08-02
|
* Fix #1420Libravatar Tad2017-07-31
|
* telegram is called telegram-desktop in DebianLibravatar Rahiel Kasim2017-07-30
|
* Add a profile for armLibravatar Tad2017-07-29
|
* new profilesLibravatar netblue302017-07-29
|
* arp reworkLibravatar netblue302017-07-29
|
* Zoom cache dirLibravatar Raphaël Droz2017-07-27
| | | | | Zoom seems to use of a QT cache-disk feature which depends upon a ~/.cache/<app>/qmlcache directory. If it can not, Zoom will segfault with mprotect failed in ExecutableAllocator::makeExecutable: Permission denied
* Allow eom and xviewer to write to user's trashLibravatar Fred-Barclay2017-07-27
|
* Updates after mergesLibravatar Fred-Barclay2017-07-27
|
* Add Electron and Riot profilesLibravatar Aidan Gauland2017-07-27
| | | | | | | * Add a generic profile for Electron applications. * Add a specific profile for Riot based on this new Electron profile. * Addresses vector-im/riot-web#3004 * Fulfils profile request for Riot.im in netblue30/firejail#1139
* Add access to trashLibravatar Panzerfather2017-07-23
| | | Eog needs access to trash to delete files
* apparmor fixesLibravatar netblue302017-07-21
|
* Merge pull request #1372 from rccavalcanti/chromium_archLibravatar netblue302017-07-16
|\ | | | | Fix permission denied for chromium-flags.conf in Arch
| * Fix permission denied for chromium-flags.conf in ArchLibravatar Rafael Cavalcanti2017-07-10
| |
* | Fix typoLibravatar Fred-Barclay2017-07-14
| |
* | Re-add .ssh to noblacklist for andriod-studio and idea.shLibravatar Fred-Barclay2017-07-14
| |
* | Add quiet to exiftool profileLibravatar announ2017-07-13
| |
* | Fix .java after e2449ae7d25925cec444ac08bbfb9cbc7199e647Libravatar Tad2017-07-13
| |
* | Update after merge #1374Libravatar Fred-Barclay2017-07-13
| | | | | | | | | | This introduces blacklist ~/.java to disable-programs.inc, so it may break some existing profiles that depend on it.
* | Merge pull request #1374 from SpotComms/ideaLibravatar Fred Barclay2017-07-13
|\ \ | | | | | | Add profiles for IntelliJ IDEA and Android Studio
| * | Update idea.sh.profileLibravatar Fred Barclay2017-07-13
| | | | | | | | | Don't allow ~/.ssh access
| * | Update android-studio.profileLibravatar Fred Barclay2017-07-13
| | | | | | | | | Don't allow ~/.ssh access
| * | Add a profile for IntelliJ IDEA and Android StudioLibravatar Tad2017-07-11
| | |
* | | Cleanup from merges #1369 and #1373Libravatar Fred-Barclay2017-07-13
| | |
* | | Merge pull request #1373 from SpotComms/saLibravatar Fred Barclay2017-07-11
|\ \ \ | | | | | | | | Add a profile for SILENTARMY
| * | | Add a profile for SILENTARMYLibravatar Tad2017-07-11
| |/ /
* | / profiles: tracelog breaks integrated browser in steamLibravatar Reiner Herrmann2017-07-11
| |/ |/| | | | | | | Thanks to @viq for the hint. Fixes: #1280
* | Fix #1370Libravatar Fred-Barclay2017-07-09
| |
* | Add profile for PeekLibravatar SpotComms2017-07-09
|/
* Merge pull request #1365 from SpotComms/masterLibravatar netblue302017-07-05
|\ | | | | Harden 50 profiles
| * Harden 50 profilesLibravatar Tad2017-07-04
| | | | | | | | | | Hardened many profiles using disable-mnt and novideo Fixed gnome-font-viewer
* | add ld.so.cache to private-etcLibravatar Fred-Barclay2017-07-04
|/
* Merge pull request #1363 from announ/ytdlnetrcLibravatar netblue302017-07-04
|\ | | | | Allow ~/.netrc for youtube-dl
| * Allow ~/.netrc for youtube-dlLibravatar announ2017-07-04
| |
* | fix palemoon profileLibravatar netblue302017-07-04
|/
* Allow env for youtube-dl in mpv profileLibravatar announ2017-06-30
| | | | youtube-dl uses `/usr/bin/env` as its interpreter. If `env` is not available, mpvʼs execution of youtube-dl fails.
* Merge pull request #1357 from BafDyce/lifereaLibravatar netblue302017-06-30
|\ | | | | Add profile for Liferea
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 19:19:04 +0000