firejail - Mirror of https://github.com/netblue30/firejail

	Commit message (Collapse)	Author	Age
*	harden peek; update README.md; add gnome-sound-…	rusty-snake	2020-10-23
\| \| \| \|	…recorder to firecfg.config
*	Fix vlc blu-ray playback with libaacs	Jan Sonntag	2020-10-20
\|
*	Update virtualbox.profile	Bundy01	2020-10-19
\|
*	update firefox fedora private-bin [skip ci]	rusty-snake	2020-10-16
\|
*	flameshot has changed it's APP-ID	rusty-snake	2020-10-16
\| \| \| \|	closes #3643
*	Merge pull request #3667 from Neo00001/patch-2	rusty-snake	2020-10-13
\|\ \| \| \| \|	Update wire-desktop.profile (again)
\| *	Update wire-desktop.profile	Neo00001	2020-10-13
\| \|
\| *	Update wire-desktop.profile (again)	Neo00001	2020-10-13
\| \| \| \| \| \|	On arch,wire-desktop is now depending on electron9. Using wildcard for this sorta packages would be better.
* \|	merges, fix for #3662 etc.	netblue30	2020-10-13
\|/
*	Fix AppArmor 3.0 support (closes #3659)	Kristóf Marussy	2020-10-10
\| \| \| \| \| \| \| \| \| \| \| \|	AppArmor introduces the @{run} variable, which is used in <abstractions/dbus-strict> and <abstractions/dbus-session-strict> among other places. Thus, we follow suit of the built-in profiles and #include <tunables/global>, which includes <tunables/run> in AppArmor 3.0, defining the variable. As <tunables/global> exists in previous versions of AppArmor, too, this patch does not introduce a backward-compatibility issue with Apparmor 2.x.
*	Update vmware.profile	Neo00001	2020-10-06
\| \| \|	With private-etc enabled vmware-tools doesn't get installed. Existing VM with an installed vmware-tools works as usual. For the time being keep it commented.
*	New profile: equalx	rusty-snake	2020-10-03
\|
*	chromium-freeworld profile (#3633)	rusty-snake	2020-10-03
\|
*	splitting up media players whitelists in whitelist-players.inc	netblue30	2020-10-02
\|
*	new profile: xournalpp	rusty-snake	2020-09-25
\|
*	fix eog profile	netblue30	2020-09-14
\|
*	New profiles + fixes + hardening	rusty-snake	2020-09-14
\| \| \| \| \| \| \| \|	- blacklist ~/.rustup in disable-devel.inc - add note to mpv (See #3628) - harden warsow - update relnotes - new profile qrencode, dbus-send, notify-send
*	profstats: track dbus-system none	netblue30	2020-09-08
\|
*	fix #3625 -- hedgewars crashes without access to liblua	rusty-snake	2020-09-07
\|
*	New disable include: disable-write-mnt.inc (#3622)	rusty-snake	2020-09-07
\| \| \| \| \| \| \| \| \| \| \| \| \|	* New disable include: disable-write-mnt.inc It is for profiles which have a reasonable mnt access (we can not add disable-mnt), but no edit function (e.g. any kind of viewer). Added to - profile.template - default.profile - eo-common.profile * Update default.profile
*	fix rhythmbox (2)	rusty-snake	2020-09-05
\|
*	fix rhythmbox	rusty-snake	2020-09-05
\|
*	various	rusty-snake	2020-09-03
\| \| \| \| \| \| \| \| \| \| \| \|	* README.md & RELNOTES * Allow gnome-build do read and write .bash_history, it has a build-in terminal * D-Bus filter for gnome-passwordsafe * wruc for supertuxkart * wruc+wusc for totem * dbus-system none for totem * remove src/man/preproc.c it is replaced by preproc.awk * remove dead-code form preproc.awk
*	Add profile for twitch,youtube,youtube-music; fix git-cola ,add cola (#3577)	kortewegdevries	2020-09-03
\| \| \| \| \| \| \| \| \| \| \| \| \|	* Add profile for twitch,youtube wrappers * Fix git-cola, add Youtube music wrapper profiles * Fixes for git-cola again * Add profile for alternative name for git-cola * Fixes * Fix
*	New profiles for balsa,trojita,kube (#3603)	kortewegdevries	2020-09-03
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Added minecraft-launcher-profile Initial * Changed minecraft-launcher profile Added space,tracelog,nodvd * New profiles for balsa,trojita,kube * Switch to whitelisting * Enable gpg,firefox uniformity between other clients * Hyperlinks * Fix Co-authored-by: kortewegdevries <k0rtic_dv@aol.com>
*	fix private-bin in smplayer.profile	glitsj16	2020-09-02
\|
*	fix private-bin in mpv.profile	glitsj16	2020-09-02
\|
*	fix private-bin in man.profile	glitsj16	2020-09-02
\|
*	fix private-etc ordering	glitsj16	2020-09-02
\|
*	harden redeclipse	rusty-snake	2020-09-02
\|
*	allow flatpak/exports also for systemd-wide location	rusty-snake	2020-09-02
\|
*	readme and relnotes	rusty-snake	2020-09-02
\|
*	New profile for man,psi,smuxi; fix pidgin (#3590)	kortewegdevries	2020-09-02
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Profile for Psi * Fix pidgin buddy icon * Profile for man * Add profile for smuxi * Comment man in firecfg * Add pinentry programs * Update etc/profile-m-z/psi.profile Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
*	Fix private-etc of electron-mail, fix geary,minitube (#3588)	kortewegdevries	2020-09-02
\| \| \| \| \| \| \| \| \|	* Fix private-etc of electron-mail * Fix dbus of geary * Fix geary again, remove GPG * Fix seccomp on Arch
*	Fixes #3596 (#3619)	kortewegdevries	2020-09-02
\|
*	Various profiles # 2 (#3566)	kortewegdevries	2020-09-02
\| \| \| \| \| \| \| \| \|	* Matrix clients Initial * Add profile for fractal, # 1139 * Fixes
*	Various profiles (#3561)	kortewegdevries	2020-09-02
\| \| \| \| \| \| \| \| \|	* Various profiles Initial * Various fixes # 1 Removed blacklist,no3d; added icon flatpak paths;sorting;added space
*	#3106-1, include @mount in @default insted of all the syscalls	rusty-snake	2020-09-01
\|
*	fix #3614 -- telegram.profile needs netlink protocol	rusty-snake	2020-08-30
\|
*	whitelist-var-common.inc: fix certificate verification	smitsohu	2020-08-26
\|
*	wusc whitelists /usr/share/perl{,5} now	rusty-snake	2020-08-25
\| \| \| \| \| \| \|	This commit removes it from profile which have it. /usr/share/perl* is still inaccessible for profiles with wusc and disable-interpreters.inc w/o allow-perl.inc.
*	add whitelist items for uim (#3587)	Anton Shestakov	2020-08-24
\| \| \| \| \| \| \| \| \|	* add ~/.uim.d directory to whitelist-common.inc uim is a multilingual input method framework (similar to ibus, which has its own entry in this file). * add /var/lib/uim to whitelist-var-common.inc When user installs an uim module (for example, an input method like anthy or mozc), it gets registered in a file in this directory.
*	renamed /etc/apparmor.d/local/firejail-local to ↵	netblue30	2020-08-22
\| \| \| \|	/etc/apparmor.d/local/firejail.default - merge form 0.9.62.4
*	Allow video for Signal profile.	Ondřej Nový	2020-08-17
\| \| \| \| \|	Signal is adding support for video calls on desktop, see https://signal.org/blog/desktop-calling-beta/
*	Fix missing mkfile in 5d741795c3bb2060730e282a8f512b999418e098	Fred Barclay	2020-08-16
\|
*	Use whitelisting for video players (#3472)	Fred Barclay	2020-08-15
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Use whitelisting for video players See https://github.com/netblue30/firejail/pull/3469 * Update media player whitelists See reviews at https://github.com/netblue30/firejail/pull/3472 Block $DOCUMENTS Make $DESKTOP read-only * Review fixes: include read-only Desktop in whitelist
*	Merge pull request #3583 from kortewegdevries/fixnomacs	Fred Barclay	2020-08-13
\|\ \| \| \| \|	Fix nomacs
\| *	Fix nomacs	kortewegdevries	2020-08-11
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	``` Aug 11 16:32:32 korte audit[29004]: SECCOMP auid=1000 uid=1000 gid=1000 ses=2 subj==firejail-default (enforce) pid=29004 comm="nomacs" exe="/usr/bin/nomacs" sig=31 arch=c000003e syscall=9 compat=0 ip=0x7fa2a1cc98c6 code=0x0 ```
* \|	Merge pull request #3569 from topimiettinen/seccomp-log	startx2017	2020-08-12
\|\ \ \| \| \| \| \| \|	seccomp: logging
\| * \|	seccomp: logging	Topi Miettinen	2020-08-05
\| \|/ \| \| \| \| \| \| \| \| \| \| \| \|	Allow `log` as an alternative seccomp error action instead of killing or returning an errno code. Signed-off-by: Topi Miettinen <toiwoton@gmail.com>