Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | cleanup after scan-build | 2019-10-31 | |
| | |||
* | remove scan-build warning | 2019-10-31 | |
| | |||
* | Rework waterfox profile (#3014) | 2019-10-28 | |
| | | | closes #3013 | ||
* | fixup! Add amuled profile (redirect from amule) | 2019-10-27 | |
| | |||
* | Update main.c | 2019-10-25 | |
| | | | Eight byte stack alignment is a requirement of the Procedure Call Standard for the ARM Architecture [AAPCS]. This specifies that functions must maintain an eight-byte aligned stack address (for example: 0x00, 0x08, 0x10, 0x18, 0x20) on all external interfaces | ||
* | Fix #2995 | 2019-10-16 | |
| | |||
* | Profiles: add signal-cli profile (#3002) | 2019-10-15 | |
| | | | | | | | | * Profiles: add signal-cli profile Clarification regarding Java * Added suggestions from code review | ||
* | blacklist runtime profile directory | 2019-10-14 | |
| | |||
* | chroot error message typo | 2019-10-13 | |
| | |||
* | postpone procfs mount until after chroot call | 2019-10-13 | |
| | | | | issue #2301 | ||
* | fix chroot with mounted resolv.conf | 2019-10-13 | |
| | |||
* | x11 hardening | 2019-10-13 | |
| | |||
* | kalgebra.profile, kalgebramobile.profile | 2019-10-12 | |
| | |||
* | x11 xorg: blacklist non-default Xauthority file | 2019-10-08 | |
| | | | fixes #1652 | ||
* | add x11 xorg option to HAS_X11 conditional - #2205 | 2019-10-08 | |
| | |||
* | add HAS_X11 conditional, disconnect session manager - #2205 | 2019-10-08 | |
| | |||
* | little tweaks | 2019-10-08 | |
| | |||
* | Merge pull request #2982 from smitsohu/chroot | 2019-10-04 | |
|\ | | | | | Move chroot entirely from path based to file descriptor based mounts | ||
| * | improve enforce_filters warning | 2019-10-01 | |
| | | | | | | added an additional newline in order to keep it visually separate from other unrelated error messages | ||
| * | simplify chroot option parsing | 2019-10-01 | |
| | | | | | | | | this is a partial revert, back to the original code | ||
| * | base checks and mounts on same file descriptor | 2019-10-01 | |
| | | |||
| * | improve variable names | 2019-09-29 | |
| | | |||
| * | chroot module | 2019-09-29 | |
| | | |||
| * | move chroot from path based to file descriptor based mounts | 2019-09-29 | |
| | | |||
* | | fix the fix | 2019-10-04 | |
| | | | | | | | | | | | | cf. previous commit 34e5ad65b238b698c55e4921c9ac9294e6548cc7 line buffered output is what we really want | ||
* | | alphabetize man page entries | 2019-10-04 | |
| | | |||
* | | fix concurrent writing to trace file | 2019-10-04 | |
| | | |||
* | | break out of libtrace file open loop | 2019-10-04 | |
| | | |||
* | | commented out some debug code in libtrace | 2019-09-29 | |
| | | |||
* | | increase socket buffer size for firemon, bug #2700 | 2019-09-29 | |
|/ | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | 2019-09-22 | |
|\ | |||
| * | Create pngquant.profile | 2019-09-21 | |
| | | |||
| * | Create gnome-latex.profile | 2019-09-20 | |
| | | |||
* | | minor optimization | 2019-09-22 | |
| | | |||
* | | prevent trace from interfering with sandbox setup | 2019-09-22 | |
| | | |||
* | | various clarifications, minor fixes | 2019-09-22 | |
|/ | |||
* | break out fs_tracefile function | 2019-09-18 | |
| | |||
* | fix the fix: tune file copy limit width | 2019-09-17 | |
| | |||
* | fail gracefully if argc is zero | 2019-09-17 | |
| | |||
* | add trace file validation | 2019-09-17 | |
| | |||
* | move to fd based trace file mount | 2019-09-17 | |
| | |||
* | Merge branch 'master' into fix-profile-builder | 2019-09-15 | |
|\ | |||
| * | update seccomp in man firejail | 2019-09-13 | |
| | | |||
| * | libtrace cleanup | 2019-09-10 | |
| | | |||
| * | Add ar profile (#2949) | 2019-09-08 | |
| | | | | | | | | | | | | * Add ar to firecfg * Create ar.profile | ||
| * | fix FIREJAIL_FILE_COPY_LIMIT larger than 2GB | 2019-09-05 | |
| | | |||
| * | Revert changes in #2928 to seccomp group @default | 2019-09-04 | |
| | | | | | | | | | | Reconstruct @default by not relying on the changed system call groups @privileged and @resources. | ||
* | | Make sure that we are unprivileged before creating the trace log file. | 2019-08-29 | |
| | | |||
* | | When running builder trace output should go to separate file because (1) ↵ | 2019-08-29 | |
| | | | | | | | | trace output is logged to console, which is a pain to capture, and (2) it should not be mingled with program output anyway, which it was when sending to stdout. | ||
* | | Update man page to note that --trace can now take an optional parameter. | 2019-08-29 | |
| | |