| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Merge pull request #2928 from topimiettinen/seccomp-more-groups |  netblue30 | 2019-08-29 |
| |\ | | | | | Add further seccomp groups | ||
| | * | Add further seccomp groups |  Topi Miettinen | 2019-08-28 |
| | | | | | | | | | Get further seccomp group definitions from systemd. | ||
| * | | fix previous merge | netblue30 | 2019-08-29 |
| | | | |||
| * | | Merge branch 'master' into seccomp-allow-exceptions | netblue30 | 2019-08-29 |
| |\ \ | |||
| | * | | seccomp fix: allow numeric syscalls |  aoand | 2019-08-26 |
| | |/ | | | | | | | as per man page, numeric syscall is indicated by the dollar sign '$' | ||
| * / | Allow exceptions to seccomp lists | Topi Miettinen | 2019-08-25 |
| |/ | | | | | | | Prefix ! can be used to make exceptions to system call blacklists and whitelists used by seccomp, seccomp.drop and seccomp.keep. Closes #1366 | ||
| * | various fixes and improvements |  rusty-snake | 2019-08-22 |
| | | | | | | | | | | | | | - install contrib/syscalls.sh - add GitLab-CI status to README.md - read-only ${HOME}/.cargo/env - move blacklist ${HOME}/.cargo/registry, ${HOME}/.cargo/config to disable-programs - typo in man firejail firejail-profiles firecfg - better descriptions in man firejail-profiles - fixes in man firejail - template descriptions in firejail-profiles | ||
| * | added i2prouter to firecfg |  core_contingency | 2019-08-21 |
| | | |||
| * | Fix revert of previous trace fix. The issue was that programs were crashing ↵ |  Glenn Washburn | 2019-08-21 |
| | | | | | because libtrace hooked libc calls were being executed before the libtrace library was initialized. This was due to other loaded libraries being initialized first. | ||
| * | fix private-bin for tb-starter-wrapper #2863 | rusty-snake | 2019-08-19 |
| | | |||
| * | Merge pull request #2909 from gm10/fix-get_user | netblue30 | 2019-08-18 |
| |\ | | | | | get_user() do not use the unreliable getlogin() | ||
| | * | get_user() do not use the unreliable getlogin() |  gm10 | 2019-08-13 |
| | | | |||
| * | | profiles: add kiwix-desktop |  Tad | 2019-08-18 |
| | | | |||
| * | | fix --trace | netblue30 | 2019-08-17 |
| |/ | |||
| * | Add unzstd profile (#2903) |  glitsj16 | 2019-08-12 |
| | | | | | | | * Create unzstd.profile * Add unzstd to firecfg.config | ||
| * | Add zstd (redirect) profile(s) (#2902) | glitsj16 | 2019-08-12 |
| | | | | | | | | | | | | | | | | | * Create zstd.profile * Create pzstd.profile * Create zstdcat.profile * Create zstdgrep.profile * Create zstdless.profile * Create zstdmt.profile * Add zstd and its redirect profiles to firecfg.config | ||
| * | add bzcat profile |  smitsohu | 2019-08-12 |
| | | |||
| * | rewrite/partial revert of 8bff773d6a7bf70c97b3d5b751df9ec0dd6c8b5d | smitsohu | 2019-08-09 |
| | | | | | | | | the commit in question introduced an early check of Firejail configuration file, which broke "firejail in firejail" for some sandboxes. see issue #2877 | ||
| * | integrate private home options with nosound and x11 none | smitsohu | 2019-08-07 |
| | | | | | fixes #2867 | ||
| * | private home: don't create unused temporary files | smitsohu | 2019-08-07 |
| | | |||
| * | tune pam-tmpdir file permissions | smitsohu | 2019-08-01 |
| | | |||
| * | Merge pull request #2883 from flacks/profiles/whalebird |  SkewedZeppelin | 2019-08-01 |
| |\ | | | | | Add Whalebird profile | ||
| | * | Add Whalebird profile |  Jean Lucas | 2019-07-31 |
| | | | |||
| * | | Add new Tor Browser alias | Jean Lucas | 2019-07-31 |
| |/ | | | | | | | | | - tor-browser in the AUR is an international package; all other individual language variants have been removed, so, add new alias - Add 'tor-browser' and 'mv' to private-bin in launcher profile ('mv' is required when upgrading tor-browser versions) - Add 'tor-browser' to firecfg.config - Add config dir to disable-programs.inc | ||
| * | Corrections | Jean Lucas | 2019-07-31 |
| | | | | | | | - Add Zulip config dir to disable-programs.inc - Add disable-xdg.inc to Zulip profile - Add Zulip to firecfg.config | ||
| * | Add tb-starter-wrapper.profile (#2863) | rusty-snake | 2019-07-28 |
| | | |||
| * | fix private-tmp/pam-tmpdir interaction - #2685 | smitsohu | 2019-07-27 |
| | | |||
| * | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2019-07-25 |
| |\ | |||
| | * | fix make scan-build for debian 10 and arch | netblue30 | 2019-07-22 |
| | | | |||
| * | | fix whitelisting for homedirs outside /home | smitsohu | 2019-07-25 |
| | | | |||
| * | | fix verbosity for non-authorized user | smitsohu | 2019-07-22 |
| |/ | | | | | | users not in firejail.users should only see the error, not the symlink warning. Also exposes less code to non- authorized users. | ||
| * | fix gucharmap & add gnome-characters, gnome-character-map | rusty-snake | 2019-07-18 |
| | | |||
| * | document profile support for allow-debuggers in firejail-profile man page ↵ |  Sebastian Hafner | 2019-07-17 |
| | | | | | (#2861) | ||
| * | faudit: fix gcc stringop-truncation warning | smitsohu | 2019-07-17 |
| | | |||
| * | check for dir existence before private-* mount | smitsohu | 2019-07-16 |
| | | | | fixes #2859 | ||
| * | profile support for allow-debuggers (#2856) | Sebastian Hafner | 2019-07-15 |
| | | |||
| * | homedirs: turn "informational error" into warning | smitsohu | 2019-07-14 |
| | | |||
| * | don't allow root directory as home | smitsohu | 2019-07-14 |
| | | |||
| * | uniformly mask /home in all private home options | smitsohu | 2019-07-12 |
| | | |||
| * | private-home: remove redundancy | smitsohu | 2019-07-12 |
| | | |||
| * | rename some variables so they don't shadow others with same name |  Reiner Herrmann | 2019-07-11 |
| | | | | | via lgtm.com | ||
| * | Merge pull request #2850 from disconnect3d/patch-1 | Reiner Herrmann | 2019-07-11 |
| |\ | | | | | Update pid.c | ||
| | * | Update pid.c |  Disconnect3d | 2019-07-10 |
| | | | | | | | Remove redundant `child` variable in src/lib/pid.c | ||
| * | | Update libpostexecseccomp.c (#2851) | Disconnect3d | 2019-07-11 |
| | | | | | | | | | | | | | | | | | | | * Update libpostexecseccomp.c Remove `if (size != 0)` condition, which is always true as there is a `if (size <= 0)` condition before. Also note that if the `if (size <= 0)` condition wouldn't be there and `size` would be 0, there would have been an undefined behavior in due to division by zero in `(unsigned short) size / (unsigned short) sizeof(struct sock_filter);`. Found with LGTM: https://lgtm.com/projects/g/netblue30/firejail/snapshot/961c4ca00425b60a7bc8543460031a8ebf3d8aa6/files/src/libpostexecseccomp/libpostexecseccomp.c#x838c24f710410160:1 | ||
| * | | remove duplicate fclose/free | Reiner Herrmann | 2019-07-10 |
| |/ | |||
| * | Add redirects for mpg123 (#2847) | glitsj16 | 2019-07-09 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Create conplay.profile * Create mpg123.bin.profile * Create mpg123-alsa.profile * Create mpg123-id3dump.profile * Create mpg123-jack.profile * Create mpg123-nas.profile * Create mpg123-openal.profile * Create mpg123-oss.profile * Create mpg123-portaudio.profile * Create mpg123-pulse.profile * Create mpg123-strip.profile * Create out123.profile * Add mpg123 redirects to fireconfig | ||
| * | Merge pull request #2844 from crass/fix-561-trace-appimage | netblue30 | 2019-07-09 |
| |\ | | | | | Fix issue #561. Refactor/Optimize code to get and use pid and process name. | ||
| | * | Fix issue #561. Refactor/Optimize code to get and use pid and process name. | Glenn Washburn | 2019-07-09 |
| | | | |||
| * | | Merge pull request #2843 from crass/fix-2842-extra-appimage-envvars | netblue30 | 2019-07-09 |
| |\ \ | | | | | | | Add OWD and ARGV0 environment variables. Correctly create APPIMAGE envvar. | ||
| | * | | Add OWD and ARGV0 environment variables. Correctly create APPIMAGE envvar. | Glenn Washburn | 2019-07-09 |
| | |/ | |||
 |
index : firejail | |
| Mirror of https://github.com/netblue30/firejail | Firejail Authors |
| summaryrefslogtreecommitdiffstats |