github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-16 14:16:16 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6
4267 commits 10 branches 71 tags 33 MiB
Commit graph

4267 commits

This branch
This branch
All branches
Author SHA1 Message Date
smitsohu
2cbffc0721 disallow overriding of global rlimits, tiny improvements 2018-09-06 19:40:11 +02:00
netblue30
d7e5a6ac35 cleanup 2018-09-05 11:17:07 -04:00
smitsohu
884d59f5a5 improve safe_fd() function for better readability and auditability 2018-09-05 00:02:22 +02:00
netblue30
8f34c47723 fix --shell 2018-09-03 14:51:41 -04:00
netblue30
b68138cba6 adding fluxbox, blackbox, awesome, i3 profiles 2018-09-03 14:25:18 -04:00
netblue30
56935ee091 minor cleanup 2018-09-03 09:17:38 -04:00
netblue30
f10a040342 merges 2018-09-03 09:14:55 -04:00
netblue30
2581cf8539
Merge pull request #2104 from matu3ba/profiles 
hardening evince, dbus not needed
 2018-09-03 08:12:16 -05:00
netblue30
55cd5c1d8f chroot problem (Debian) 2018-09-03 08:48:52 -04:00
Tad
0fcbc06e11 Merges 2018-09-03 04:06:12 -04:00
veloute
bf77f08e62 created jdownloader profile (#2105) 
* created jdownloader profile

* fixed some issues

* few more changes
 2018-09-03 04:03:00 -04:00
smitsohu
1fe78bd979 additional restrictions for write-permissions on chroot 2018-09-02 14:21:54 +02:00
netblue30
ba2e5f55ed chroot problem: default profile not configured by default 2018-09-01 08:48:19 -04:00
janph
61de79537a hardening evince, dbus not needed 2018-09-01 14:28:17 +02:00
netblue30
07384ab64a --chroot fixes (Debian problem) 2018-09-01 07:59:40 -04:00
smitsohu
50dcaf8fbf error strings 2018-09-01 12:56:30 +02:00
smitsohu
6a69845df1 consolidate and enhance checks run on chroot directory hierarchy (patch n/n) 2018-09-01 03:06:43 +02:00
smitsohu
2f5a792944 reduce number of chown/chmod calls in fs_chroot 2018-08-31 15:21:04 +02:00
startx2017
ef4409e7b7 added whois and dig profiles 2018-08-30 07:29:05 -04:00
smitsohu
bbac3af66e little tweak 2018-08-30 00:58:21 +02:00
smitsohu
1d18b57644 reject chroot if it is world-writable, related enhancements 2018-08-30 00:06:12 +02:00
smitsohu
8980a5c96a more silencing of /sys umount warnings 2018-08-29 19:36:22 +02:00
netblue30
594e2a48ec cleanup 2018-08-29 08:55:32 -04:00
Vincent43
5451cde71a
apparmor: cleanup /home path 2018-08-29 13:00:10 +01:00
netblue30
ec9ac7df45 cleanup 2018-08-29 07:35:28 -04:00
smitsohu
88c4986c5d silence warning about failed unmounting of /sys (overlay options) 2018-08-29 01:42:45 +02:00
netblue30
7c0cf390b0 cleanup 2018-08-28 19:00:05 -04:00
smitsohu
649cd39617 Revert "improve --chroot directory check" 
this was unnecessary

This reverts commit 0c2cbf05aa.
 2018-08-28 20:59:25 +02:00
smitsohu
0c2cbf05aa
improve --chroot directory check 2018-08-28 20:50:27 +02:00
netblue30
1768f8a466 fix private-tmp and private-dev in fbuilder 2018-08-28 13:12:36 -04:00
netblue30
7a3e6b679e Merge branch 'master' of http://github.com/netblue30/firejail 2018-08-28 13:04:25 -04:00
netblue30
8ce3b7ab97 fbuider cleanup 2018-08-28 13:04:13 -04:00
Vincent43
f10fead1c2
spotify.profile: allow /etc/hosts 2018-08-28 17:37:19 +01:00
smitsohu
2d08ecaf45 Merge branch 'master' of https://github.com/netblue30/firejail 2018-08-28 17:01:59 +02:00
smitsohu
34f148031a fix and harden overlay options 2018-08-28 16:45:55 +02:00
netblue30
74b564d1c9 memory leaks 2018-08-28 08:46:37 -04:00
Vincent43
9c6ce24a50
apparmor: disable exec from home by default 
Executing from /home was supposed to be disabled by default
 2018-08-27 17:29:03 +01:00
Vincent43
1b309f879c
apparmor: improve rules for filesystem access 
* Make clear distinction for read, write and execute.
* Don't allow write and execute at the same time.
* Simplify and improve syntax to catch more exceptions with fewer rules
 2018-08-27 17:23:57 +01:00
Fred-Barclay
a799848383
Add private-bin to 0ad 2018-08-26 13:57:18 -05:00
netblue30
95deecf1f3 allow system users to run the sandbox 2018-08-26 13:23:28 -04:00
netblue30
fc7a9505c5 support for local user directories in firecfg (--bindir) 2018-08-25 11:03:25 -04:00
smitsohu
da76c64dcd cleanup, small improvements 2018-08-25 10:29:16 +02:00
Fred-Barclay
ce1fcbab3d
Add python program to more easily debug profiles 
Should help with issues like #1946 where the user needs to comment out
all profile lines and then re-enable them individually to test
 2018-08-24 12:09:16 -05:00
Tad
ea1836ca82 Fixup obs.profile (no python) 2018-08-23 14:51:36 -04:00
Tad
6cd9ba08bd Merges 2018-08-23 11:40:09 -04:00
1dnrr
467be071b4 Create pybitmessage.profile (#2092) 
tested on fedora-28 with pybitmessage 0.6.3.2
 2018-08-23 15:37:01 +01:00
smitsohu
1d693da31f
Merge pull request #2094 from 1dnrr/patch-3 
Update disable-common.inc
 2018-08-23 11:38:29 +02:00
1dnrr
6b84a6a9e8
Update disable-common.inc 2018-08-23 07:30:54 +00:00
Tad
3f6643d40f Misc fixes 2018-08-22 20:54:28 -04:00
smitsohu
5c84896527
fix microphone in slack profile - #2034 2018-08-23 02:01:38 +02:00