| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* rework chromium
+ 516d0811 has removed fundamental security features.
(remove caps.drop=all, nonewprivs, noroot, seccomp, protocol; add
caps.keep)
Though this is only necessary if running under a kernel which
disallow
unprivileged userns clones. Arch's linux-hardened and debian kernel
are
patched accordingly. Arch's linux and linux-lts kernels support this
restriction via sysctk (kernel.unprivileged_userns_clone=0) as users
opt-in.
Other kernels such as mainline or fedora/redhat always support
unprivileged
userns clone and have no sysctl parameter to disable it. Debian and
Arch
users can enable it with 'sysctl kernel.unprivileged_userns_clone=1'.
This commit adds a chromium-common-hardened.inc which can be included
in
chromium-common to enhance security of chromium-based programs.
+ chromium-common.profile: add private-cache
+ chromium-common.profile: add wruc and wusc, but disable it for the
following
profiles until tested. tests welcome.
- [ ] bnox, dnox, enox, inox, snox
- [ ] brave
- [ ] flashpeak-slimjet
- [ ] google-chrome, google-chrome-beta, google-chrome-unstable
- [ ] iridium
- [ ] min
- [ ] opera, opera-beta
+ move vivaldi-snapshot paths from vivaldi-snapshot.profile to vivaldi.
/usr/bin/vivaldi is a symlink to /etc/alternatives/vivaldi which can
be
vivaldi-stable, vivaldi-beta or vivaldi-snapshot.
vivaldi-snapshot.profile
missed also some features from vivaldi.profile, solve this by making
it
redirect to vivaldi.profile. TODO: exist new paths such as
.local/lib/vivaldi
also for vivaldi-snapshot?
+ create chromium-browser-privacy.profile (closes #3633)
* update 1
+ add missing 'ignore whitelist /usr/share/chromium'
+ revert 'Move drm-relaktions in vivaldi.profile behind
BROWSER_ALLOW_DRM.'. This breaks not just DRM, it break things such
as AAC too. In addition vivaldi shows a something is broken pop-up,
we would have a lot of 'does not work with firejail' issues.
* update 2
* update 3
fixes #3709
|
|
|
|
|
|
|
| |
* Update firecfg.config
* Update disable-programs.inc
* Create spectacle.profile
|
| |
|
| |
|
| |
|
|\
| |
| | |
Allow --tmpfs and --bind inside $HOME for unprivileged users
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
--tmpfs was added in 0.9.14 and restricted to root only in 0.9.38
due to priv-esc CVE-2016-10117 (e.g. --tmpfs=/etc and modify
/etc/sudoers). This commit reintroduce it for normal users, if the
realpath of it is inside users-home.
|
|/
|
|
| |
…recorder to firecfg.config
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove environment variables with --rmenv immediately. This fixes
removing long environment variables (LS_COLORS generated by vivid),
previously the length filter would trip before the command was
processed.
This changes user visible behavior slightly, for example --rmenv=LANG
now applies also to Firejail, while earlier it would only apply to
sandboxed program.
Partially fixes #3673, but not handling `rmenv` in profiles.
Also suggest --rmenv when there are problems with enviroment
variables.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
|
|
|
|
|
| |
Fixes clang-analyzer warnings:
"Although the value stored to 'xxxxx' is used in the enclosing expression, the value is never actually read from 'xxxxx'"
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
according to GCC documentation (https://gcc.gnu.org/onlinedocs/gcc/Link-Options.html):
"For predictable results, you must also specify the same set of options
used for compilation (-fpie, -fPIE, or model suboptions) when you
specify this linker option."
|
| |
|
|
|
|
| |
Fixes: #3654
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Debian8; we will bring it back in the next release
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
error: adding 'int' to a string does not append to the string [-Werror,-Wstring-plus-int]
|
|
|
|
| |
building with clang printed a warning
|
| |
|
| |
|
|
|
|
| |
appimages (#3530)
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
* add --include
closes #2923
* Priorize searching in cwd
|
| |
|