Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | cleanup | 2017-08-23 | |
| | |||
* | seccomp: fix errno | 2017-08-22 | |
| | |||
* | compile fixes | 2017-08-21 | |
| | |||
* | enhancement: print all seccomp filters under --debug | 2017-08-20 | |
| | |||
* | Feature: switch/config option to block secondary architectures | 2017-08-19 | |
| | | | | | | | | | Add a feature for a new (opt-in) command line switch and config file option to block secondary architectures entirely. Also block changing Linux execution domain with personality() system call for the primary architecture. Closes #1479 | ||
* | testing | 2017-08-19 | |
| | |||
* | create /usr/local for firecfg if the directory doesn't exist | 2017-08-19 | |
| | |||
* | Postpone installation of seccomp filters just before execve | 2017-08-19 | |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2017-08-18 | |
|\ | |||
| * | new MuseScore profile (#1477) | 2017-08-18 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add musescore profile * blacklist musescore * add musescore * add musescore * add tuxguitar, musescore * add tuxguitar, musescore | ||
* | | seccomp testing | 2017-08-18 | |
|/ | |||
* | Minor manpage correction | 2017-08-18 | |
| | |||
* | memory-deny-write-execute testing | 2017-08-18 | |
| | |||
* | private-lib | 2017-08-17 | |
| | |||
* | memory-deny-write-execute | 2017-08-17 | |
| | |||
* | --net=none documentation | 2017-08-17 | |
| | |||
* | fix x11 display reporting in firemon and firetools for sessions joining an ↵ | 2017-08-15 | |
| | | | | existing x11 sandbox | ||
* | compile cleanup | 2017-08-15 | |
| | |||
* | fix #1462 | 2017-08-15 | |
| | |||
* | update RELNOTES/Readme.md/--help; man page update for #1439 | 2017-08-14 | |
| | |||
* | Fix compile with older kernel headers | 2017-08-13 | |
| | |||
* | Fix copy-paste | 2017-08-13 | |
| | |||
* | Allow any syscall to be blacklisted (#1447) | 2017-08-13 | |
| | | | | | | | Allow any syscall to be blacklisted with aid of LD_PRELOAD library, libpostexecseccomp.so. Closes: #1447 | ||
* | modif: --output split in two commands, --output and --output-stderr; fix for ↵ | 2017-08-13 | |
| | | | | #1458 | ||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2017-08-12 | |
|\ | |||
| * | Enable system call groups with minus sign | 2017-08-12 | |
| | | |||
* | | added --nodvd | 2017-08-12 | |
|/ | |||
* | private-dev enhancements | 2017-08-11 | |
| | |||
* | Add TuxGuitar profile (#1453) | 2017-08-10 | |
| | | | | | | | | | | | | | | | | | | | | * add tuxguitar profile tested for versions < 1.3 * blacklist tuxguitar * add tuxguitar * add tuxguitar * add support for tuxguitar > 1.2 higher versions fail to launch without protocol=inet,inet6 and with noexec=~. Yet, net=none seems to be still tolerated, which comes handy to block talk with internet and dbus. * unbreak tuxguitar Internet access versions >= 1.3 actually run fine with net=none enabled, if the built-in internet dependent feature is not used | ||
* | Enable syscall groups for non-internal use | 2017-08-10 | |
| | |||
* | typo | 2017-08-10 | |
| | |||
* | Add a profile alias for Firefox Nightly | 2017-08-10 | |
| | |||
* | --notv for #1446 | 2017-08-10 | |
| | |||
* | add /dev/dbv to private-dev list | 2017-08-09 | |
| | |||
* | merges | 2017-08-07 | |
| | |||
* | Seccomp: split @default into more meaningful smaller groups | 2017-08-06 | |
| | |||
* | Seccomp: system call grouping and call numbers | 2017-08-06 | |
| | |||
* | private-lib fixes | 2017-08-06 | |
| | |||
* | private-lib: fix crash | 2017-08-06 | |
| | |||
* | prive-lib: integration with firetools | 2017-08-06 | |
| | |||
* | bring in private-lib libraries for all private-bin programs. ↵ | 2017-08-06 | |
| | | | | Example:firejail --private-lib --private-bin=bash,ls,find,pwd,grep | ||
* | fix copyright statement | 2017-08-05 | |
| | |||
* | Improve library handling: use DT_RPATH/DT_RUNPATH to find more libs | 2017-08-05 | |
| | | | | | | Helps in more complex cases like this: libpulse.so wants libpulsecommon-10.0.so, which is located in /usr/lib/x86_64-linux-gnu/pulseaudio. This path is specified with DT_RUNPATH. | ||
* | Merge pull request #1436 from SpotComms/gt | 2017-08-05 | |
|\ | | | | | Add a profile for Gnome Twitch | ||
| * | Add a profile for Gnome Twitch | 2017-08-05 | |
| | | |||
* | | private-lib: preliminary support for directories in private-lib list | 2017-08-05 | |
|/ | |||
* | Update firecfg.config and add a wireshark-* alias | 2017-08-04 | |
| | |||
* | private-lib: add src/fldd | 2017-08-04 | |
| | |||
* | private-lib: support for /etc/firejail/firejail.config | 2017-08-04 | |
| | |||
* | private-lib: bringing in private-lib list from command line | 2017-08-04 | |
| |