Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Merge pull request #1436 from SpotComms/gt | Fred Barclay | 2017-08-05 |
|\ | | | | | Add a profile for Gnome Twitch | ||
| * | Add a profile for Gnome Twitch | Tad | 2017-08-05 |
| | | |||
* | | private-lib: preliminary support for directories in private-lib list | netblue30 | 2017-08-05 |
|/ | |||
* | Update firecfg.config and add a wireshark-* alias | Tad | 2017-08-04 |
| | |||
* | private-lib: add src/fldd | netblue30 | 2017-08-04 |
| | |||
* | private-lib: support for /etc/firejail/firejail.config | netblue30 | 2017-08-04 |
| | |||
* | private-lib: bringing in private-lib list from command line | netblue30 | 2017-08-04 |
| | |||
* | private-lib: split fldd as a separate application | netblue30 | 2017-08-03 |
| | |||
* | Add rambox profile from #1425 | Fred Barclay | 2017-08-02 |
| | |||
* | get_mempolicy syscall was temporarily removed from the default seccomp list. ↵ | netblue30 | 2017-08-02 |
| | | | | | | It seems to break playing youtube videos on Firefox Nightly - #1414 | ||
* | x11/xpra support | netblue30 | 2017-08-01 |
| | |||
* | compile cleanup | netblue30 | 2017-08-01 |
| | |||
* | Fix tracing with private-lib | Topi Miettinen | 2017-08-01 |
| | |||
* | Merge pull request #1415 from chiraag-nataraj/master | netblue30 | 2017-07-31 |
|\ | | | | | Tentative implementation for #1405 | ||
| * | Ensure malloc was successful | Chiraag Nataraj | 2017-07-30 |
| | | |||
| * | Remove debugging stuff, free start_child, exit properly | Chiraag Nataraj | 2017-07-30 |
| | | |||
| * | Tentative implementation for #1405 | Chiraag Nataraj | 2017-07-30 |
| | | |||
* | | Fixes for the private-lib and memory-deny-write-execute features | Topi Miettinen | 2017-07-30 |
| | | |||
* | | Memory-deny-write-execute feature | Topi Miettinen | 2017-07-30 |
| | | | | | | | | Feature to block attempts to create writable and executable memory. | ||
* | | Improve loading of seccomp filter | Topi Miettinen | 2017-07-30 |
| | | | | | | | | Also fixes a memory leak and double load. | ||
* | | Private /lib feature | Topi Miettinen | 2017-07-30 |
| | | |||
* | | merges | netblue30 | 2017-07-30 |
|/ | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | netblue30 | 2017-07-29 |
|\ | |||
| * | Add a profile for arm | Tad | 2017-07-29 |
| | | |||
* | | --shell=none fix | netblue30 | 2017-07-29 |
|/ | |||
* | Merge pull request #1410 from topimiettinen/seccomp-print | netblue30 | 2017-07-29 |
|\ | | | | | Improve seccomp printing | ||
| * | Improve seccomp printing | Topi Miettinen | 2017-07-28 |
| | | |||
* | | new profiles | netblue30 | 2017-07-29 |
| | | |||
* | | arp rework | netblue30 | 2017-07-29 |
|/ | |||
* | tentative fix for arp cahce pollution - #1406 | netblue30 | 2017-07-27 |
| | |||
* | Fix typo for fnet moveif invocation on 2nd interface. | Christopher A. Oliver | 2017-07-27 |
| | |||
* | Improve cross build support by using configured compiler instead of make default | Helmut Grohne | 2017-07-26 |
| | | | | https://bugs.debian.org/869707 | ||
* | merges | netblue30 | 2017-07-25 |
| | |||
* | Merge pull request #1402 from topimiettinen/nosuid-noexec-nodev-proc-sys | netblue30 | 2017-07-25 |
|\ | | | | | /proc/sys can be nosuid,noexec,nodev | ||
| * | /proc/sys can be nosuid,noexec,nodev | Topi Miettinen | 2017-07-25 |
| | | |||
* | | Block some obsolete or unusual syscalls | Topi Miettinen | 2017-07-25 |
|/ | |||
* | Merge pull request #1393 from topimiettinen/improve-mounting | netblue30 | 2017-07-20 |
|\ | | | | | Improve mount handling | ||
| * | Improve mount handling | Topi Miettinen | 2017-07-19 |
| | | | | | | | | | | noexec/read-only/read-write handling: copy underlying FS flags before remounting. If the flags are already OK, don't remount unnecessarily. | ||
* | | Fix typo usr->user | Topi Miettinen | 2017-07-19 |
|/ | | | | | This typo may have prevented blacklists of /run/user/{uid}/gnupg and /run/user/{uid}/systemd from working. | ||
* | support for Xephyr screen size | netblue30 | 2017-07-19 |
| | |||
* | xvfb fixes | netblue30 | 2017-07-17 |
| | |||
* | Fix #1383 | Tad | 2017-07-16 |
| | |||
* | Update after merge #1374 | Fred-Barclay | 2017-07-13 |
| | | | | | This introduces blacklist ~/.java to disable-programs.inc, so it may break some existing profiles that depend on it. | ||
* | Cleanup from merges #1369 and #1373 | Fred-Barclay | 2017-07-13 |
| | |||
* | fix xpra broken earlier | netblue30 | 2017-07-12 |
| | |||
* | cleanup | netblue30 | 2017-07-12 |
| | |||
* | fix #1371; rework seccomp_filter_drop() function | startx2017 | 2017-07-11 |
| | |||
* | fix discretionary access control for sandboxes running as root with --noprofile | netblue30 | 2017-07-08 |
| | |||
* | fixing the previous fix | startx2017 | 2017-07-07 |
| | |||
* | fix firemon --name | startx2017 | 2017-07-07 |
| |