firejail - Mirror of https://github.com/netblue30/firejail

	Commit message (Collapse)	Author	Age
...
*	Create a profile for mp3splt-gtk	rusty-snake	2019-05-20
\|
*	Expose /tmp/.X11-unix as read-only as per Issue #2269	ಚಿರಾಗ್ ನಟರಾಜ್	2019-05-19
\|
*	Create meteo-qt.profile (#2704)	Jose Riha	2019-05-18
\|
*	Add inkview.profile	rusty-snake	2019-05-18
\|
*	man pages: add FIREJAIL_QUIET	smitsohu	2019-05-18
\|
*	Merge branch 'master' into nodbus-enhancements	netblue30	2019-05-17
\|\
\| *	Merge pull request #2694 from laomaiweng/propagate-quiet	netblue30	2019-05-17
\| \|\ \| \| \| \| \| \|	Propagate --quiet to children Firejail'ed processes
\| \| *	Move export of FIREJAIL_QUIET to env_defaults()	quentin	2019-05-17
\| \| \| \| \| \| \| \| \| \| \| \|	So that it also works with --join. (HT @smitsohu)
\| \| *	Propagate --quiet to children Firejail'ed processes	quentin	2019-05-13
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	If quiet, set environment variable FIREJAIL_QUIET to "yes" before spawning the child process. Upon starting Firejail, become quiet if the FIREJAIL_QUIET environment variable is set to "yes". Signed-off-by: Quentin Minster <quentin@minster.io>
\| * \|	Merge pull request #2697 from topimiettinen/dbus-block-system-bus	netblue30	2019-05-17
\| \|\ \ \| \| \| \| \| \| \| \|	dbus: make --nodbus block also system D-Bus socket
\| \| * \|	dbus: make --nodbus block also system D-Bus socket	Topi Miettinen	2019-05-15
\| \| \|/ \| \| \| \| \| \| \| \| \|	Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
\| * /	glibc missing O_PATH definition on CentOS 6 - #2696	smitsohu	2019-05-16
\| \|/
\| *	Update firecfg.config for cantata	curiosity-seeker	2019-05-12
\| \|
* \|	Fix overridden DBUS_SESSION_BUS_ADDRESS with nodbus	quentin	2019-05-09
\| \|
* \|	Blacklist ~/.dbus with nodbus	quentin	2019-05-09
\|/
*	update man pages (private-dev, noexec)	smitsohu	2019-05-04
\|
*	Add Bitwarden profile (#2673)	glitsj16	2019-05-02
\| \| \| \| \| \| \| \| \| \|	* Add bitwarden to firecfg * Add support for bitwarden in disable-programs.inc * Create bitwarden.profile * Fix whitelisting and no3d in bitwarden
*	typo	rusty-snake	2019-04-21
\|
*	typo and merges	rusty-snake	2019-04-20
\|
*	Merge pull request #2641 from rusty-snake/add-cheese	netblue30	2019-04-18
\|\ \| \| \| \|	Add cheese.profile
\| *	Add to firecfg	rusty-snake	2019-04-13
\| \|
* \|	Merge pull request #2649 from SkewedZeppelin/drm-noexec	netblue30	2019-04-18
\|\ \ \| \| \| \| \| \|	Add a conditional to control DRM/noexec exception for browsers
\| * \|	Add a conditional to control DRM/noexec exception for browsers	Tad	2019-04-13
\| \|/
* \|	Profiles for gramps, newsboat and freeoffice (#2652)	curiosity-seeker	2019-04-17
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Update firecfg.config * Create gramps.profile * Update disable-programs.inc * Create newsboat.profile * Update disable-programs.inc * Update firecfg.config * Create freeoffice-planmaker * Create freeoffice-textmaker * Create freeoffice-presentations * Update disable-programs.inc * Update firecfg.config * Update newsboat.profile * Update newsboat.profile * Update gramps.profile * Update freeoffice-textmaker * Update freeoffice-planmaker * Update freeoffice-presentations * Update freeoffice-planmaker * Update freeoffice-presentations * Update freeoffice-textmaker * Rename freeoffice-planmaker to freeoffice-planmaker.profile * Rename freeoffice-presentations to freeoffice-presentations.profile * Rename freeoffice-textmaker to freeoffice-textmaker.profile * Update gramps.profile * Update freeoffice-planmaker.profile * Update freeoffice-presentations.profile * Update freeoffice-textmaker.profile * Update freeoffice-textmaker.profile * Update freeoffice-presentations.profile * Update newsboat.profile * Update gramps.profile * Update freeoffice-planmaker.profile * Update freeoffice-presentations.profile * Update freeoffice-textmaker.profile
* \|	Add mp3splt, mp3wrap, oggsplt, flacsplt	rusty-snake	2019-04-14
\|/
*	Add utox.profile	rusty-snake	2019-04-10
\| \| \| \| \|	Requested by @nyancat18 in https://github.com/netblue30/firejail/issues/1139#issuecomment-314527143
*	fix previous commit, more seccomp testing	netblue30	2019-04-09
\|
*	seccomp fixes	netblue30	2019-04-09
\|
*	Add autokey profiles (#2635)	glitsj16	2019-04-02
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Add autokey to firecfg.config * Update README.md * Update RELNOTES * Create autokey-common.profile * Create autokey-gtk.profile * Create autokey-qt.profile * Create autokey-run.profile * Create autokey-shell.profile
*	Temp fix firecfg (#2634)	glitsj16	2019-04-02
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Temp fixes for firecfg.config * Create Builder.profile * Create clocks.profile * Create Logs.profile * Create Maps.profile * Add TODO to firecfg.config
*	Fixes for man firejail (#2628)	glitsj16	2019-03-29
\|
*	Fix typo's in firecfg util.c (#2627)	glitsj16	2019-03-29
\|
*	Five more game profiles	Tad	2019-03-28
\|
*	mount runtime seccomp files read-only (#2602)	smitsohu	2019-03-23
\| \| \| \| \| \| \|	avoid creating locations in the file system that are both writable and executable (in this case for processes with euid of the user). for the same reason also remove user owned libfiles when it is not needed any more
*	Add kid3, kid3-cli, kid3-qt (#2614)	rusty-snake	2019-03-22
\|
*	Add freemind.profile	rusty-snake	2019-03-21
\|
*	Another five more game profiles	Tad	2019-03-20
\|
*	Four more game profiles	Tad	2019-03-20
\|
*	Add a profile for DCSS	Tad	2019-03-20
\|
*	Five more game profiles	Tad	2019-03-20
\|
*	Merge branch 'master' of https://github.com/netblue30/firejail	smitsohu	2019-03-20
\|\
\| *	New profiles: Maelstrom and ostrichrider	Tad	2019-03-20
\| \|
* \|	hardening: run more code unprivileged	smitsohu	2019-03-20
\| \|
* \|	security: too early to register signal handler	smitsohu	2019-03-20
\|/
*	minor enhancement: added robustness for setres[gu]id function calls	smitsohu	2019-03-16
\|
*	Merge branch 'master' of https://github.com/netblue30/firejail	smitsohu	2019-03-16
\|\
\| *	Follow-up on flatpak/snap support (#2601)	glitsj16	2019-03-16
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Remove obsolete snap support from disable-programs.inc * Remove obsolete snap support from pycharm-community.profile * Update RELNOTES to reflect non-existing/dropped flatpak/snap support * Update firejail.txt to reflect flatpak/snap packages are not supported
\| *	Seahorse revisited (#2600)	glitsj16	2019-03-16
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Refactor seahorse into a whitelist profile * Refactor seahorse-tool as a whitelist profile * Create seahorse-daemon.profile * Add seahorse-daemon to firecfg * Drop blacklist /tmp/.X11-unix from seahorse.profile Thanks to @rusty-snake for pointing out blacklisting /tmp/.X11-unix is ridiculous for GUI's. * Add non-GUI option to seahorse-daemon
* \|	hardening: replace setuid/setgid calls with setresuid/setresgid	smitsohu	2019-03-16
\|/ \| \| \| \| \| \| \| \| \|	when nesting containers and sandboxes, it is possible setuid() fails silently to reset the saved uid, which is then cleared only by the next execve. This is solved by replacing setuid() with more robust setresuid() function calls. Also add code to drop privileges when entering the run_no_sandbox() function (along with some minor tidy up).
*	Hardening compressors (#2594)	glitsj16	2019-03-14
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	* Harden atool * Harden cpio * Fix ordering in private-* options * Harden gzip * Harden tar * Harden bsdtar * Harden+ tar * Harden+ gzip * Harden+ cpio * Create bzip2.profile * Description for bunzip2 * Add bzip2/bunzip2 to firecfg