Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | merge from LTS branch: cleanup O_PATH, --private-template | 2018-06-19 | ||
| | ||||
* | Revert "mounting a tmpfs on ~/.cache directory (private-cache) by default" | 2018-06-14 | ||
| | | | | This reverts commit caa7ad8714206a158123773ddcaca6ef219a5501. | |||
* | merges | 2018-06-14 | ||
| | ||||
* | merges | 2018-06-14 | ||
| | ||||
* | Add --keep-dev-shm (undocumented for now). | 2018-06-13 | ||
| | ||||
* | Change --nousb to --nou2f per suggestion on last commit. | 2018-06-12 | ||
| | ||||
* | Add --nousb option | 2018-06-12 | ||
| | ||||
* | Add /dev/hidraw* devices for potential fix for Yubikey devices | 2018-06-12 | ||
| | ||||
* | potential fix for Yubikey devices | 2018-06-12 | ||
| | ||||
* | mounting a tmpfs on ~/.cache directory (private-cache) by default | 2018-06-12 | ||
| | ||||
* | Add profiles for Microsoft Office Online apps (from Manjaro devs) | 2018-06-11 | ||
| | ||||
* | update man page (private-cache) | 2018-06-12 | ||
| | ||||
* | fix indentation | 2018-06-12 | ||
| | ||||
* | additional mount hardening (pulseaudio, Xauthority) | 2018-06-12 | ||
| | ||||
* | removed CFG_CHROOT_DESKTOP config option | 2018-06-11 | ||
| | ||||
* | wireless support | 2018-06-09 | ||
| | ||||
* | glibc missing O_PATH definition on Debian 7 | 2018-06-09 | ||
| | ||||
* | support wireless interfaces for --net | 2018-06-09 | ||
| | ||||
* | fnet fix (merge from LTS branch) | 2018-06-05 | ||
| | ||||
* | evaluate UID_MIN/GID_MID at runtime, remove compile time evaluation - fixes ↵ | 2018-06-04 | ||
| | | | | #1964 | |||
* | add private-cache option | 2018-06-04 | ||
| | | | | implementation is based on an idea of James Henstridge, Canonical | |||
* | add engrampa to firecfg list | 2018-06-03 | ||
| | ||||
* | Add a profile alias for firefox-wayland | 2018-05-29 | ||
| | | | | | | | firefox-wayland is a new wrapper script included with Firefox on Fedora 28 it has firefox hardcoded as /usr/bin/firefox + some minor fixes in other profiles | |||
* | globbing support in private-lib | 2018-05-25 | ||
| | ||||
* | little x11_xorg cleanup | 2018-05-25 | ||
| | ||||
* | Fixup Discord profiles | 2018-05-21 | ||
| | | | | Packagers seem to be all using different names | |||
* | private-lib cleanup | 2018-05-20 | ||
| | ||||
* | reverted commit 5a3eefa6e70e824f545add9169202f788a9ce14d, issue #1948 | 2018-05-20 | ||
| | ||||
* | tentative fix for issue #1948 | 2018-05-19 | ||
| | ||||
* | x11 cleanup (remove superfluous set_perms) | 2018-05-16 | ||
| | ||||
* | 0.9.54 testing0.9.54 | 2018-05-16 | ||
| | ||||
* | fix --dns | 2018-05-15 | ||
| | ||||
* | remove unused files | 2018-05-14 | ||
| | ||||
* | merges0.9.54-rc2 | 2018-05-12 | ||
| | ||||
* | Merge pull request #1932 from RDProjekt/modules | 2018-05-12 | ||
|\ | | | | | Fixes to make Blender with AMD GPU work under firejail (#1931) | |||
| * | Allow accessing /sys/module directory | 2018-05-09 | ||
| | | | | | | | | | | | | | | | | | | | | It is required for example by Blender, which Firejail supports. Blender needs read-only access to /sys/module/amdgpu in order to use AMD card with OpenCL. Now user can allow such access by specifying: noblacklist /sys/module whitelist /sys/module/amdgpu read-only /sys/module/amdgpu | |||
* | | Misc fixes | 2018-05-12 | ||
| | | ||||
* | | harden read-write mounts, cleanup | 2018-05-11 | ||
| | | ||||
* | | Merge branch 'master' of https://github.com/netblue30/firejail | 2018-05-09 | ||
|\ \ | ||||
| * | | fix /proc hidepid | 2018-05-09 | ||
| |/ | ||||
| * | lower some more privs | 2018-05-09 | ||
| | | ||||
* | | firemon/prctl enhancements | 2018-05-09 | ||
|/ | ||||
* | don't display firejail --list/--tree/--top processes in firemon stats | 2018-05-08 | ||
| | ||||
* | more errLogExit | 2018-05-08 | ||
| | ||||
* | errLogExit and --overlay-clean | 2018-05-08 | ||
| | ||||
* | remove 64bit seccomp filter from 32bit architectures | 2018-05-06 | ||
| | ||||
* | tiny memleaks, np dereference | 2018-05-05 | ||
| | ||||
* | get error handling right | 2018-05-04 | ||
| | ||||
* | enhance post-mount checks | 2018-05-04 | ||
| | ||||
* | moving get_mount_info from /proc/self/mounts to /proc/slef/mountinfo | 2018-05-03 | ||
| |