Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | added ffmpeg.profile, removed ssh-agent from firecfg | 2017-09-21 | |
| | |||
* | Add a profile for arch-audit | 2017-09-21 | |
| | |||
* | cleanup | 2017-09-20 | |
| | |||
* | Update man page since --private-dev allows disc devices like cdrom | 2017-09-19 | |
| | |||
* | fix issue #1559 | 2017-09-19 | |
| | |||
* | Merge branch 'master' of http://github.com/netblue30/firejail | 2017-09-19 | |
|\ | |||
| * | Add a profile for Conky | 2017-09-19 | |
| | | |||
* | | add private-bin support to profile builder | 2017-09-19 | |
|/ | |||
* | Update firecfg | 2017-09-18 | |
| | |||
* | Add a profile for xmr-stak-cpu | 2017-09-18 | |
| | | | | | | - Add list of new profiles to README.md - Update firecfg - Further restrict silentarmy | ||
* | Add a profile for clamdscan, clamdtop, and freshclam | 2017-09-18 | |
| | |||
* | Add a profile for ClamAV's clamscan | 2017-09-18 | |
| | |||
* | spelling | 2017-09-17 | |
| | |||
* | profile build tool | 2017-09-17 | |
| | |||
* | cleanup | 2017-09-16 | |
| | |||
* | fixed systemd-resolved integration - bug #1531 | 2017-09-16 | |
| | |||
* | --build | 2017-09-16 | |
| | |||
* | Add a profile for Terasology | 2017-09-15 | |
| | |||
* | fix dependency on /etc/firejail/firejail.config when starting on symbolic links | 2017-09-15 | |
| | |||
* | --writable-run-user man page | 2017-09-14 | |
| | |||
* | --writable-run-user, solving ssh/gnupg authentication problems for smarcards | 2017-09-14 | |
| | |||
* | fix manpage for --output | 2017-09-12 | |
| | |||
* | merge fixes from 0.9.50-bugfixes branch | 2017-09-11 | |
| | |||
* | Improve seccomp architecture support | 2017-09-10 | |
| | |||
* | small fixes | 2017-09-07 | |
| | |||
* | Add a profile for Minetest | 2017-09-06 | |
| | |||
* | Merge pull request #1533 from smitsohu/pulse | 2017-09-05 | |
|\ | | | | | remount ~/.config/pulse with noexec | ||
| * | remount config/pulse with noexec | 2017-09-05 | |
| | | |||
* | | testing | 2017-09-05 | |
|/ | |||
* | fix caps.keep/dac-overwrite | 2017-09-05 | |
| | |||
* | "module" is already included in "privileged" | 2017-09-04 | |
| | |||
* | fix #1522 | 2017-09-03 | |
| | |||
* | merge yandex browser | 2017-09-02 | |
| | |||
* | --profile.print option | 2017-09-02 | |
| | |||
* | Improve seccomp support for non-x86 architectures | 2017-09-02 | |
| | |||
* | Workaround for build problems, but correct problem this time | 2017-09-02 | |
| | |||
* | Workaround for build problems on arm64, s390x and sparc64 | 2017-09-01 | |
| | |||
* | Improve cross-platform build | 2017-08-30 | |
| | |||
* | removed zsh from travis test suite, fixed handling of /dev/shm whitelist for ↵ | 2017-08-30 | |
| | | | | Debian wheezy and Ubuntu 14.04 | ||
* | fix seccomp secondary filter printing on i386 platform | 2017-08-30 | |
| | |||
* | tentative fix for Debian cross-platform build | 2017-08-30 | |
| | |||
* | pidstr needs 11 bytes (10 + NULL) | 2017-08-29 | |
| | | | | | | | | | | | | | also use %d because index is signed int. Found by compiler: netstats.c:165:23: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=] snprintf(pidstr, 10, "%u", index); ^~~~ In file included from /usr/include/stdio.h:938:0, from firemon.h:24, from netstats.c:20: /usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 2 and 11 bytes into a destination of size 10 | ||
* | Fix pointer dereference | 2017-08-29 | |
| | | | | | | | Found by compiler: fs_bin.c:108:14: warning: comparison between pointer and zero character constant [-Wpointer-compare] if (++fname == '\0') ^~ | ||
* | cleanup | 2017-08-27 | |
| | |||
* | --private-bin: restrict full paths to the directories in the list | 2017-08-27 | |
| | |||
* | Allow private-bin parameters to be an absolute path | 2017-08-24 | |
| | | | With Ubuntu 16.04, /usr/bin/which is a symlink to /bin/which. So, using "private-bin which" finds "which" in /usr/bin and adds the symlink to "which" in /bin mapped directory. The /bin directory thus contains a symlink named "which" pointing to "/bin/which" (itself). This creates a symlink loop, and does not work. In order to solve this, the full path can now be used, such as "private-bin /bin/which". | ||
* | fix compiling when seccomp is disabled | 2017-08-23 | |
| | |||
* | man page | 2017-08-23 | |
| | |||
* | enforce seccomp | 2017-08-23 | |
| | |||
* | fix seccomp.keep for #1490 | 2017-08-23 | |
| |