aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAge
* --buildLibravatar netblue302017-09-16
|
* Add a profile for TerasologyLibravatar Tad2017-09-15
|
* fix dependency on /etc/firejail/firejail.config when starting on symbolic linksLibravatar startx20172017-09-15
|
* --writable-run-user man pageLibravatar netblue302017-09-14
|
* --writable-run-user, solving ssh/gnupg authentication problems for smarcardsLibravatar netblue302017-09-14
|
* fix manpage for --outputLibravatar netblue302017-09-12
|
* merge fixes from 0.9.50-bugfixes branchLibravatar netblue302017-09-11
|
* Improve seccomp architecture supportLibravatar Topi Miettinen2017-09-10
|
* small fixesLibravatar startx20172017-09-07
|
* Add a profile for MinetestLibravatar Tad2017-09-06
|
* Merge pull request #1533 from smitsohu/pulseLibravatar netblue302017-09-05
|\ | | | | remount ~/.config/pulse with noexec
| * remount config/pulse with noexecLibravatar smitsohu2017-09-05
| |
* | testingLibravatar netblue302017-09-05
|/
* fix caps.keep/dac-overwriteLibravatar startx20172017-09-05
|
* "module" is already included in "privileged"Libravatar smitsohu2017-09-04
|
* fix #1522Libravatar netblue302017-09-03
|
* merge yandex browserLibravatar netblue302017-09-02
|
* --profile.print optionLibravatar netblue302017-09-02
|
* Improve seccomp support for non-x86 architecturesLibravatar Topi Miettinen2017-09-02
|
* Workaround for build problems, but correct problem this timeLibravatar Topi Miettinen2017-09-02
|
* Workaround for build problems on arm64, s390x and sparc64Libravatar Topi Miettinen2017-09-01
|
* Improve cross-platform buildLibravatar Topi Miettinen2017-08-30
|
* removed zsh from travis test suite, fixed handling of /dev/shm whitelist for ↵Libravatar netblue302017-08-30
| | | | Debian wheezy and Ubuntu 14.04
* fix seccomp secondary filter printing on i386 platformLibravatar netblue302017-08-30
|
* tentative fix for Debian cross-platform buildLibravatar netblue302017-08-30
|
* pidstr needs 11 bytes (10 + NULL)Libravatar Reiner Herrmann2017-08-29
| | | | | | | | | | | | | also use %d because index is signed int. Found by compiler: netstats.c:165:23: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=] snprintf(pidstr, 10, "%u", index); ^~~~ In file included from /usr/include/stdio.h:938:0, from firemon.h:24, from netstats.c:20: /usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 2 and 11 bytes into a destination of size 10
* Fix pointer dereferenceLibravatar Reiner Herrmann2017-08-29
| | | | | | | Found by compiler: fs_bin.c:108:14: warning: comparison between pointer and zero character constant [-Wpointer-compare] if (++fname == '\0') ^~
* cleanupLibravatar netblue302017-08-27
|
* --private-bin: restrict full paths to the directories in the listLibravatar netblue302017-08-27
|
* Allow private-bin parameters to be an absolute pathLibravatar LaurentGH2017-08-24
| | | With Ubuntu 16.04, /usr/bin/which is a symlink to /bin/which. So, using "private-bin which" finds "which" in /usr/bin and adds the symlink to "which" in /bin mapped directory. The /bin directory thus contains a symlink named "which" pointing to "/bin/which" (itself). This creates a symlink loop, and does not work. In order to solve this, the full path can now be used, such as "private-bin /bin/which".
* fix compiling when seccomp is disabledLibravatar Reiner Herrmann2017-08-23
|
* man pageLibravatar netblue302017-08-23
|
* enforce seccompLibravatar netblue302017-08-23
|
* fix seccomp.keep for #1490Libravatar netblue302017-08-23
|
* Merge pull request #1488 from SpotComms/mfLibravatar netblue302017-08-23
|\ | | | | Various changes
| * Add a profile for NeverballLibravatar Tad2017-08-22
| |
* | cleanupLibravatar netblue302017-08-23
| |
* | seccomp: fix errnoLibravatar netblue302017-08-22
|/
* compile fixesLibravatar netblue302017-08-21
|
* enhancement: print all seccomp filters under --debugLibravatar netblue302017-08-20
|
* Feature: switch/config option to block secondary architecturesLibravatar Topi Miettinen2017-08-19
| | | | | | | | | Add a feature for a new (opt-in) command line switch and config file option to block secondary architectures entirely. Also block changing Linux execution domain with personality() system call for the primary architecture. Closes #1479
* testingLibravatar netblue302017-08-19
|
* create /usr/local for firecfg if the directory doesn't existLibravatar netblue302017-08-19
|
* Postpone installation of seccomp filters just before execveLibravatar Topi Miettinen2017-08-19
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar netblue302017-08-18
|\
| * new MuseScore profile (#1477)Libravatar smitsohu2017-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * add musescore profile * blacklist musescore * add musescore * add musescore * add tuxguitar, musescore * add tuxguitar, musescore
* | seccomp testingLibravatar netblue302017-08-18
|/
* Minor manpage correctionLibravatar Reiner Herrmann2017-08-18
|
* memory-deny-write-execute testingLibravatar netblue302017-08-18
|
* private-libLibravatar netblue302017-08-17
|
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 15:07:54 +0000