| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | fix #4714 |  netblue30 | 2021-11-29 |
| | | |||
| * | disable by default several network tools | netblue30 | 2021-11-24 |
| | | |||
| * | Merge pull request #4688 from Bundy01/master | netblue30 | 2021-11-23 |
| |\ | | | | | Update firejail-local for Brave + ipfs | ||
| | * | Update firejail-local for Brave + ipfs |  Bundy01 | 2021-11-14 |
| | | | |||
| * | | cleanup | netblue30 | 2021-11-23 |
| | | | |||
| * | | Merge pull request #4438 from caydey/master | netblue30 | 2021-11-23 |
| |\ \ | |/ |/| | Added `quiet` to some CLI profiles | ||
| | * | Added "quiet" to profile |  caydey | 2021-08-03 |
| | | | |||
| | * | Added ~/Private blacklist | caydey | 2021-08-02 |
| | | | |||
| * | | Profile fixes |  rusty-snake | 2021-11-14 |
| | | | | | | | | | | | | | | | | | - Update RELNOTES and README.md - disable-common.inc - blacklist ${HOME}/.local/share/ibus-typing-booster - blacklist /run/timeshift (closes #4660) - fix audacity.profile (closes #4659) | ||
| * | | Merge pull request #4635 from smitsohu/noorphans | netblue30 | 2021-11-13 |
| |\ \ | | | | | | | deterministic-shutdown option | ||
| | * | | deterministic-shutdown option |  smitsohu | 2021-10-28 |
| | | | | |||
| * | | | Merge pull request #4681 from jmetrius/openstego-profile | netblue30 | 2021-11-13 |
| |\ \ \ | | | | | | | | | Add OpenStego profile | ||
| | * | | | implement review suggestions |  Jan Sonntag | 2021-11-12 |
| | | | | | |||
| | * | | | sort.py cleanup | Jan Sonntag | 2021-11-12 |
| | | | | | |||
| | * | | | Add OpenStego profile | Jan Sonntag | 2021-11-12 |
| | | | | | |||
| * | | | | Merge pull request #4679 from pirate486743186/patch-3 | netblue30 | 2021-11-13 |
| |\ \ \ \ | | | | | | | | | | | update yt-dlp.profile | ||
| | * | | | | update yt-dlp.profile |  pirate486743186 | 2021-11-11 |
| | |/ / / | | | | | | | | | ffprobe used for embedding images in difficult cases. | ||
| * | | | | Merge pull request #4680 from kmk3/dc-fix-slock-path | netblue30 | 2021-11-13 |
| |\ \ \ \ | | | | | | | | | | | disable-common.inc: fix paths of slock and physlock | ||
| | * | | | | disable-common.inc: fix paths of slock and physlock |  Kelvin M. Klann | 2021-11-11 |
| | |/ / / | | | | | | | | | | | | | | | | | | | | | Added on commit f0adf06c3 ("disable-common.inc: more SUID", 2021-11-09). Relates to #4668. | ||
| * / / / | telnet and ftp | netblue30 | 2021-11-12 |
| |/ / / | |||
| * | | | change Fedora ssh fix |  glitsj16 | 2021-11-10 |
| | | | | | | | | | | Suggested in https://github.com/netblue30/firejail/pull/4675#discussion_r746510840. Makes sense! | ||
| * | | | add Fedora fix | glitsj16 | 2021-11-10 |
| | | | | | | | | | | | | | Added Fedora path as per https://github.com/netblue30/firejail/pull/4675#pullrequestreview-802438767. NOTE: there are several other profiles touching /usr/libexec, so untill someone on Fedora can shed some light on what files are installed under /usr/libexec, I only blacklisted ssh-keysign. I'll pick this up tomorrow, a bit pressed for time in the non-digital worlds... | ||
| * | | | add Fedora fixes | glitsj16 | 2021-11-10 |
| | | | | | | | | | | Added Fedora path as per https://github.com/netblue30/firejail/pull/4675#pullrequestreview-802438767. | ||
| * | | | fixes for ssh | glitsj16 | 2021-11-10 |
| | | | | | | | | | | Counterpart fix for changes in allow-ssh.inc. | ||
| * | | | fixes for ssh | glitsj16 | 2021-11-10 |
| | | | | | | | | | | After seeing https://github.com/netblue30/firejail/commit/9a81078ddbbb4215d06f7d1861481ece05ebda99 it dawned on me that Arch Linux doesn't have /usr/lib/openssh, but uses /usr/lib/ssh instead. That's a different path than what's referenced in our current {allow-ssh,disable-common}.inc files. Some very superficial checks revealed that OpenSSH seems to be packaged quite differently, at least on Debian/Ubuntu and Arch Linux. And then there's version differences on non-rolling distro's to consider. All in all IMO it makes more sense to (no)blacklist /usr/lib/openssh and /usr/lib/ssh instead of referencing all the possible individual files that live under those paths. | ||
| * | | | disable-common.inc: fix ssh | netblue30 | 2021-11-09 |
| | | | | |||
| * | | | disable-common.inc: more SUID | netblue30 | 2021-11-09 |
| | | | | |||
| * | | | disable-common.inc: vmware SUID binaries | netblue30 | 2021-11-09 |
| | | | | |||
| * | | | disable-common.inc: disable chrome-sandbox | netblue30 | 2021-11-09 |
| | | | | |||
| * | | | disable-common.inc: blacklist ssh | netblue30 | 2021-11-09 |
| | | | | |||
| * | | | adding more SUID executables to disable-common.inc | netblue30 | 2021-11-04 |
| | | | | |||
| * | | | apparmor base drop-in: remove chroot/overlay paths | smitsohu | 2021-11-01 |
| | | | | | | | | | | | | | | | | | | | As the upstream AppArmor base abstraction does not contain references to paths in /run/firejail/mnt/oroot there is not much point to have them in our drop-in | ||
| * | | | ids: add some more paths | smitsohu | 2021-10-31 |
| | | | | |||
| * | | | adding noprofile.profile from rusty-snake | netblue30 | 2021-10-30 |
| | | | | |||
| * | | | Merge pull request #4643 from rusty-snake/profile-checks | Kelvin M. Klann | 2021-10-29 |
| |\ \ \ | | | | | | | | | Profile Checks | ||
| | * | | | Sort disaple-programs.inc | rusty-snake | 2021-10-27 |
| | | | | | |||
| | * | | | Add alteratives and ld.so.cache to all private-etc lines | rusty-snake | 2021-10-27 |
| | |/ / | | | | | | | | | | Command is the same as in d8d97acb | ||
| * / / | update mpv.profile | pirate486743186 | 2021-10-24 |
| |/ / | | | | | add yt-dlp in private-bin | ||
| * | | Add disable-proc to firefox-common | rusty-snake | 2021-10-23 |
| | | | |||
| * | | Remove 'none' from private-etc lines | rusty-snake | 2021-10-23 |
| | | | |||
| * | | wrc: whitelist journal sockets | smitsohu | 2021-10-23 |
| | | | | | | | | | fixes --tracelog among other things | ||
| * | | add wrc to several profiles | smitsohu | 2021-10-23 |
| | | | |||
| * | | promote /run/udev/data to wrc | smitsohu | 2021-10-23 |
| | | | |||
| * | | disable-exec: add /run/shm | smitsohu | 2021-10-23 |
| | | | |||
| * | | Merge pull request #4628 from smitsohu/aa | netblue30 | 2021-10-21 |
| |\ \ | | | | | | | add basic Firejail support to AppArmor base abstraction (#3226) | ||
| | * | | add basic Firejail support to AppArmor base abstraction (#3226) | smitsohu | 2021-10-21 |
| | | | | |||
| * | | | Merge pull request #4600 from crocket/master | netblue30 | 2021-10-21 |
| |\ \ \ | | | | | | | | | Add profiles for imv, retroarch, and torbrowser | ||
| | * | | | Add profiles for imv, retroarch, and torbrowser |  crocket | 2021-10-17 |
| | | | | | | | | | | | | | | | | | | | | | imv, retroarch, and torbrowser are also added to firecfg.config | ||
| * | | | | Merge pull request #4612 from jose1711/blobwars_fix | netblue30 | 2021-10-21 |
| |\ \ \ \ | | | | | | | | | | | blobwars: add path to game assets compatible with Arch | ||
| | * | | | | blobwars: add path to game assets compatible with Arch |  Jose Riha | 2021-10-17 |
| | | | | | | |||
 |
index : firejail | |
| Mirror of https://github.com/netblue30/firejail | Firejail Authors |
| aboutsummaryrefslogtreecommitdiffstats |