Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | | Fix file.profile | 2018-10-11 | ||
|/ | ||||
* | Write-protection for thumbnailer dir see #2143 (#2144) | 2018-10-07 | ||
| | ||||
* | Fixes #2048 | 2018-10-03 | ||
| | ||||
* | Fixes #2048 | 2018-10-03 | ||
| | ||||
* | AppArmor: Allow writing to removable media | 2018-10-02 | ||
| | ||||
* | fixed discord not able to check for updates | 2018-10-02 | ||
| | ||||
* | Add profile for spectre-meltdown-checker | 2018-09-22 | ||
| | | | | Will need to support allow-debuggers in profiles before it can be enabled in firecfg | |||
* | Misc profile hardening | 2018-09-19 | ||
| | ||||
* | add start-tor-browser.desktop profile | 2018-09-15 | ||
| | ||||
* | Amend gnome-music profile | 2018-09-14 | ||
| | | | | | | | - At least gnome-music 3.28.2 requires 'env' - Add 'gio-launch-desktop' and 'yelp' so launching the "Help" menu doesn't crash the application - Enabling the disabled private-etc tested to be working | |||
* | add switch to disable/enable private-cache | 2018-09-10 | ||
| | ||||
* | remove blacklist /usr/lib/llvm* in dusable-devel.inc - problems with ↵ | 2018-09-07 | ||
| | | | | hardware acceleration on Radeon cards, see issue #2106 | |||
* | Disable tracelog in Tor Browser profiles, see #1930, fixes #2108 | 2018-09-06 | ||
| | ||||
* | adding fluxbox, blackbox, awesome, i3 profiles | 2018-09-03 | ||
| | ||||
* | Merge pull request #2104 from matu3ba/profiles | 2018-09-03 | ||
|\ | | | | | hardening evince, dbus not needed | |||
| * | hardening evince, dbus not needed | 2018-09-01 | ||
| | | ||||
* | | Merges | 2018-09-03 | ||
| | | ||||
* | | created jdownloader profile (#2105) | 2018-09-03 | ||
|/ | | | | | | | | * created jdownloader profile * fixed some issues * few more changes | |||
* | added whois and dig profiles | 2018-08-30 | ||
| | ||||
* | apparmor: cleanup /home path | 2018-08-29 | ||
| | ||||
* | spotify.profile: allow /etc/hosts | 2018-08-28 | ||
| | ||||
* | apparmor: disable exec from home by default | 2018-08-27 | ||
| | | | Executing from /home was supposed to be disabled by default | |||
* | apparmor: improve rules for filesystem access | 2018-08-27 | ||
| | | | | | * Make clear distinction for read, write and execute. * Don't allow write and execute at the same time. * Simplify and improve syntax to catch more exceptions with fewer rules | |||
* | Add private-bin to 0ad | 2018-08-26 | ||
| | ||||
* | Fixup obs.profile (no python) | 2018-08-23 | ||
| | ||||
* | Create pybitmessage.profile (#2092) | 2018-08-23 | ||
| | | | tested on fedora-28 with pybitmessage 0.6.3.2 | |||
* | Update disable-common.inc | 2018-08-23 | ||
| | ||||
* | Misc fixes | 2018-08-22 | ||
| | ||||
* | fix microphone in slack profile - #2034 | 2018-08-23 | ||
| | ||||
* | Update steam.profile to support proton/steamplay | 2018-08-21 | ||
| | ||||
* | Document how to access local mail with thunderbird and claws-mail (fixes #1509) | 2018-08-20 | ||
| | ||||
* | Simplify fix for #2062 | 2018-08-20 | ||
| | ||||
* | Add a profile for ClamTK | 2018-08-19 | ||
| | ||||
* | Minor steam.profile fixup from downstream ParrotSec fork | 2018-08-19 | ||
| | ||||
* | Fixup f9aeac080a830fc1aaf07f0beff781a1ed7e42ad | 2018-08-19 | ||
| | ||||
* | qutebrowser.profile: noblacklist /usr/lib/llvm | 2018-08-19 | ||
| | | | Fixes https://github.com/netblue30/firejail/issues/2087 | |||
* | Revert "apparmor fix: somehow it cannot find the firejail profile to load it" | 2018-08-19 | ||
| | | | | | | | | | | | | This reverts commit 949a221a1b92e422e6dcb7ea6089ed5c8d5cc22a. The 'firejail-default' is the name of 'unnatached' profile not path to it. Moreover names starting with '/' are changing profile type back to 'standard' which in this case means we literally create profile for the profile file itself '/etc/apparmor.d/firejail-default'. That means firejail would never load this profile to contain any app thus we have to revert this. For more info, see https://www.suse.com/documentation/sles-15/singlehtml/book_security/book_security.html#sec.apparmor.profiles.types.unattached | |||
* | Fix for #2062 | 2018-08-19 | ||
| | ||||
* | apparmor fix: somehow it cannot find the firejail profile to load it | 2018-08-19 | ||
| | ||||
* | wireshark.profile: enable apparmor | 2018-08-15 | ||
| | ||||
* | apparmor: cleanup duplicate rules | 2018-08-15 | ||
| | | | Those are already covered with https://github.com/netblue30/firejail/blob/0.9.56-rc1/etc/firejail-default#L33 | |||
* | apparmor: allow execution from /usr/lib64 | 2018-08-15 | ||
| | | | /usr/lib64 was missing from execution whitelist and it's used in openSUSE, see https://github.com/netblue30/firejail/issues/2078 | |||
* | Merge pull request #2081 from SkewedZeppelin/descriptions | 2018-08-14 | ||
|\ | | | | | Add descriptions to profiles | |||
| * | Cleanup descriptions | 2018-08-13 | ||
| | | ||||
| * | Add descriptions to profiles, pulled from Arch Linux | 2018-08-13 | ||
| | | ||||
| * | Add descriptions to profiles, pulled from Ubuntu 18.04 | 2018-08-13 | ||
| | | ||||
* | | spotify.profile: remove /sys from blacklist | 2018-08-14 | ||
| | | | | | | Blacklisting whole /sys is too restrictive, it may break various graphics stacks, see https://github.com/netblue30/firejail/issues/2080 | |||
* | | Add seccomp line from firefox-common to Tor Browser profiles | 2018-08-14 | ||
|/ | | | | - The next version of TBB is based on Firefox 60 and will need the same changes to prevent breakage | |||
* | Add profile for electrum0.9.56-rc1 | 2018-08-13 | ||
| | | | | + minor nitpicks to beaker.profile | |||
* | Add Beaker browser | 2018-08-12 | ||
| |