| Commit message (Collapse) | Author | Age |
... | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* opt-in for brave's native tor support
* fix brave's native tor support
* warn about potential tor breakage when using apparmor
* update comment for opting in to tor
* move brave's tor apparmor fix in brave.profile
|
| |
| |
| | |
Follow-up for https://github.com/netblue30/firejail/commit/692311bcc6fe0744d7831459ad7ec0bc5811b9a9. Thanks to @rusty-snake for tracking this down in #4202.
|
| |
| |
| | |
Fixes #4202 until we have tooling to generate system-specific lists at install time, as suggested by @loveshack.
|
| |
| |
| |
| | |
[skip ci]
|
| | |
|
| |
| |
| | |
requested in #1139 by @vatonbero
|
| |
| |
| |
| |
| | |
* New profile: Quodlibet
* New profile: Quodlibet
|
| | |
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
discord-canary.profile:
fix #4175
flameshot.profile:
- private-tmp break flameshot (wayland only?)
- Screengrabbing (under wayland) is done via dbus, the following names
must be allowed:
- GNOME: org.gnome.Shell
- KDE: org.kde.KWin
- Sway: org.freedesktop.portal.Desktop
- Allow notifications and tray too, because org.gnome.Shell (for
example) is already totaly unsafe.
mumble.profile:
fix #4181
|
| |
|
| |
|
|\
| |
| | |
steam: some more games added
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Games added:
* Don't Starve
* Dungeons of Dredmor
* Epic
* Loop Hero
* Pillars of Eternity I
* Rogue Legacy I
* Slay the Spire modding
* Steam World Dig I & II
|
| | |
|
|\ \
| | |
| | | |
WebStorm: allow Dolphin to access its config file
|
| |/ |
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
* refactor local override comments
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
/usr/bin/dropbox needs access to python3, at least for dropbox
command-line interface version 2020.03.04 as packaged by the RPM Fusion
project. Fixes issue #4150
|
|\
| |
| | |
Improve comments in apparmor files
|
| | |
|
| | |
|
|/
|
|
| |
Without it, all chat timestamps are in UTC.
|
| |
|
|
|
|
| |
[skip ci]
|
| |
|
| |
|
|\
| |
| | |
Rename chromium-common-hardened and feh-network …
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
…again
I am still not really happy about the rename from #4028, #4029, #4030
and #4031. I've no problem with moving away .inc but I don't like the
result. So here's a proposal to make this better:
| NAME | DESCRIPTION |
| ------------------------- | ------------------------------------------------------------ |
| `*-addons.profile` | (include) Allow external addons |
| `*-common.profile` | (include) Common parts across multiple profiles |
| `*-hardened.inc.profile` | Further hardening which can not be made default |
| `*-network.inc.profile` | Allow optional network access |
| `*-whitelist.inc.profile` | Enabled whitelisting (which can not be made default) ¹ |
| `*.inc.profile` | Other profile specific includes |
| `*.profile` | A profile for a program |
| `allow-*.inc` | Multiple `noblacklist`s that should always be used together |
| `disable-*.inc` | `blacklist`ing |
| `whitelist-*-common.inc` | common `whitelist`s |
| `*.inc` | Other generic includes |
| `globals.local` | User overrides for all profiles |
| `*.local` | Per profile user overrides |
¹ can be used for programs like KeePassXC or editors.
|
|\ \
| | |
| | | |
Update vmware.profile & dbus-policy for amarok
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/
|/|
| | |
#2989
|
| | |
|
|\ \
| | |
| | | |
[minor] .cache/youtube-viewer in disable-programs.inc
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
| |
| |
| | |
closes #4115
|
| | |
|
|\ \
| | |
| | | |
Add profile for checksum tools
|
| | |
| | |
| | |
| | |
| | |
| | | |
* Oops! Thanks for catching.
* Add quiet
|
|\ \ \
| | | |
| | | | |
Fix for KeePassXC plugin
|
| | | |
| | | |
| | | |
| | | | |
Moved in the right place as in template
https://github.com/netblue30/firejail/blob/master/etc/templates/profile.template
|