Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | --git-install | netblue30 | 2017-02-04 |
| | |||
* | --git-install | netblue30 | 2017-02-04 |
| | |||
* | git-install | netblue30 | 2017-02-04 |
| | |||
* | quiet fix | netblue30 | 2017-02-04 |
| | |||
* | --writable-var-log | netblue30 | 2017-01-30 |
| | |||
* | --quiet fix | netblue30 | 2017-01-30 |
| | |||
* | merges | netblue30 | 2017-01-29 |
| | |||
* | fixing --hosts-file privelege check | Igor Bukanov | 2017-01-29 |
| | | | | | | Currently the code uses the access() call to check if the user has an access to a file that is copied into the root as /etc/hosts. This inevitably adds a race when the user changes the file to a symbolic link pointing to an arbitrary location on the filsystem after the access check is done but before opening the file to copy it. This potentially allows to read any file on the system. To close this the code adds a utility copy_file_from_user_to_root . It opens the copy destination file as root and then forks/drop privileges. Then as a user the utility opens the source file and do the copy into the destination descriptor that is preserved accross the fork. | ||
* | support allow-private-blacklist in profile files | netblue30 | 2017-01-28 |
| | |||
* | fixed access for --hosts-file | netblue30 | 2017-01-23 |
| | |||
* | bash completion for --hosts-file | netblue30 | 2017-01-22 |
| | |||
* | --hosts-file option | netblue30 | 2017-01-22 |
| | |||
* | Add support for joining a persistent, named network namespace. | Zack Weinberg | 2017-01-20 |
| | |||
* | firejail/fs.c: include sys/wait.h for declaration of waitpid | Zack Weinberg | 2017-01-20 |
| | |||
* | man page fix | netblue30 | 2017-01-20 |
| | |||
* | fix PulseAudio/machine-id problem | netblue30 | 2017-01-18 |
| | |||
* | fix ASSERT_PERMS_FD macro | netblue30 | 2017-01-14 |
| | |||
* | local customization | netblue30 | 2017-01-14 |
| | |||
* | nvidia fix | netblue30 | 2017-01-13 |
| | |||
* | cleanup | netblue30 | 2017-01-12 |
| | |||
* | Gentoo compile fix | netblue30 | 2017-01-12 |
| | |||
* | copy_file cleanup | netblue30 | 2017-01-11 |
| | |||
* | fix | netblue30 | 2017-01-11 |
| | |||
* | temoprary fix for local profile feature | netblue30 | 2017-01-11 |
| | |||
* | chroot tightening | netblue30 | 2017-01-10 |
| | |||
* | copy_file cleanup | netblue30 | 2017-01-10 |
| | |||
* | security fix | netblue30 | 2017-01-10 |
| | |||
* | security fix | netblue30 | 2017-01-06 |
| | |||
* | security fix | netblue30 | 2017-01-06 |
| | |||
* | security fixes | netblue30 | 2017-01-04 |
| | |||
* | security fix | netblue30 | 2017-01-04 |
| | |||
* | allow non-seccomp setup for OverlayFS sandboxes | netblue30 | 2017-01-04 |
| | |||
* | gpg fixes | netblue30 | 2016-12-29 |
| | |||
* | Merge pull request #1004 from thewisenerd/patch-multiple-private-argv | netblue30 | 2016-12-24 |
|\ | | | | | allow multiple private-argv | ||
| * | firejail: argv: allow multiple private-* options | thewisenerd | 2016-12-24 |
| | | |||
| * | firejail: profile: allow multiple private-* options | thewisenerd | 2016-12-24 |
| | | |||
| * | firejail: private-* : check, then assign. | thewisenerd | 2016-12-24 |
| | | |||
| * | argv: private-home: exit on invalid option | thewisenerd | 2016-12-24 |
| | | |||
* | | main: guess_shell: use $SHELL variable if set | thewisenerd | 2016-12-24 |
|/ | | | | fixes #983 | ||
* | compile fixes | netblue30 | 2016-12-22 |
| | |||
* | testing | netblue30 | 2016-12-19 |
| | |||
* | Merge pull request #991 from thewisenerd/master | netblue30 | 2016-12-19 |
|\ | | | | | appimage: pass commandline arguments | ||
| * | appimage: pass commandline arguments | thewisenerd | 2016-12-19 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | commandline arguments are not being passed to appimage, which hinders some functionality. This adds the function build_appimage_cmdline based on build_cmdline which works by calling quote_cmdline with passed argv, and then replaces initial argument with AppRun path generated in appimage_set. TODO: deal with extra memory allocation. The 'quoted' length of the first '*.AppImage' argument may or may not be greater than the 'quoted' AppRun path. | ||
* | | Implement the --allow-private-blacklist option | Peter Millerchip | 2016-12-18 |
| | | |||
* | | Remove compiler warnings on Ubuntu 16.04 | Peter Millerchip | 2016-12-18 |
|/ | |||
* | Merge pull request #978 from Fred-Barclay/keepassx2 | netblue30 | 2016-12-16 |
|\ | | | | | Add keepassx2 profile | ||
| * | Add keepassx2 profile | Fred Barclay | 2016-12-14 |
| | | |||
* | | fix older platforms | netblue30 | 2016-12-15 |
|/ | |||
* | added a 1 second delay after xpra server is started | netblue30 | 2016-12-14 |
| | |||
* | machine-id fix | netblue30 | 2016-12-14 |
| |