github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-21 06:45:29 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 1
5182 commits 10 branches 71 tags 33 MiB
Commit graph

33 commits

Author SHA1 Message Date
rusty-snake
217d0e2594
many profile cleanups 2019-06-02 14:09:20 +02:00
netblue30
b9c8a94590 adding disable-exec.inc to the remaining profiles 2019-04-12 11:53:09 -04:00
glitsj16
b5965d0cc0
Streamline Include comment for relevant profiles (#2474) 
* Streamline include comment for 7z.profile

* Streamline include comment for gzip.profile

* Streamline include comment for less.profile

* Streamline include comment for  strings.profile

* Streamline include comment for tar.profile

* Streamline include comment for unrar.profile

* Streamline include comment for unzip.profile

* Streamline include comment for uudeview.profile

* Streamline include comment for xzdec.profile
 2019-02-25 07:12:00 +00:00
glitsj16
91a5cf5dbd
Harden less.profile (#2466) 2019-02-24 22:12:31 +00:00
netblue30
92bff8a23c
Merge pull request #2201 from SkewedZeppelin/u2f-ap 
Add nou2f to all profiles
 2018-10-17 08:00:00 -05:00
Glenn Washburn
7c533c9aa5 Remove "/etc/firejail/" from all include paths, now that profile_read will search for the file. 2018-10-17 00:43:54 -05:00
Tad
284e0750e5 Add nou2f to all profiles 
- Closes #2194
 2018-10-15 13:14:15 -04:00
Tad
82a0cd2e71 Cleanup descriptions 2018-08-13 22:35:05 -04:00
Tad
40330b246d Add descriptions to profiles, pulled from Ubuntu 18.04 2018-08-13 21:48:41 -04:00
glitsj16
6ee5afa31b don't include globals.local twice (take two) (#2010) 
* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice

* avoid including globals.local twice
 2018-06-24 16:20:32 +00:00
Tad
b885aec301 Add private-cache to many profiles 
grep "cache" -L $(grep "redirect" -iL $(grep "whitelist" -RL))
 2018-06-14 17:28:34 -04:00
glitsj16
f3700f8acd
correct spelling 2018-04-16 20:38:16 +00:00
smitsohu
7a37dc31ab recalibrate dbus access, deploy nodbus option 
see #1822 and #1825. also systematically replaces
'blacklist /run/user/*/bus' with 'nodbus'.

with contributions from @Fred-Barclay
 2018-03-28 03:23:59 +02:00
Fred-Barclay
eb4b505ac2 Consistent home directory nomenclature 2017-11-17 12:32:32 -06:00
smitsohu
55938d07a5 disable non-abstract session bus address 
systematically blacklist /run/user/*/bus in all profiles with
'net none'. targets distros like Fedora
 2017-10-22 11:34:51 +02:00
netblue30
f25fa5cbc2 added private-lib to eog, eom, file, gpicview, less, strings, and tar 2017-10-16 08:58:30 -04:00
Tad
104dde49c0 Fix nodvd placement 2017-08-13 15:53:04 -04:00
netblue30
647b6a220e added nodvd to most profiles 2017-08-13 07:36:06 -04:00
Tad
71f838b5ba Fix notv placement 2017-08-11 21:03:13 -04:00
netblue30
b97ca53e7b added notv to most profiles 2017-08-11 10:21:18 -04:00
netblue30
c9b5774aa7 fix less for #1450 2017-08-10 11:25:58 -04:00
Tad
9e3ba319be Unify all profiles 2017-08-07 01:22:08 -04:00
Tad
b18f42ab02 Initial adding of memory-deny-write-execute to profiles 
- mdwe breaks most vm-based languages so python/java/javascript and some mono programs are not compatible
- mdwe also breaks most 3d accelerated programs such as 3d games
- mdwe is similar to PaX's mprotect meaning PaX flag managers can be used as reference
-- See https://github.com/copperhead/paxd-archive/blob/master/paxd.conf
-- See https://github.com/nning/linux-pax-flags
 2017-08-02 00:13:42 -04:00
Tad
5354f20012 Harden 50 profiles 
Hardened many profiles using disable-mnt and novideo
Fixed gnome-font-viewer
 2017-07-04 11:35:29 -04:00
netblue30
b53d02259e fix quiet in profiles 2017-06-08 15:00:27 -04:00
netblue30
dce9b9b9eb added /etc/firejail/globals.local for global customizations 2017-05-23 12:02:22 -04:00
netblue30
975c6f327f persistent support for all profile files 2017-02-09 10:53:33 -05:00
valoq
29ab333108
hardened various profiles 2016-12-21 10:29:14 +01:00
Fred-Barclay
88972056f4 squash attempt 2 2016-10-24 15:33:54 -05:00
netblue30
ae4e4fa1e0 removed private-tmp from sysutils 2016-10-03 16:34:46 -04:00
netblue30
19a9166bd3 added quiet profile command 2016-08-01 09:55:12 -04:00
netblue30
442655366f nosound 2016-07-08 09:00:27 -04:00
netblue30
e413b78c49 sysutils 2016-06-28 08:41:51 -04:00