github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-21 06:45:29 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 1
8968 commits 10 branches 71 tags 33 MiB
Commit graph

8968 commits

This branch
This branch
All branches
Author SHA1 Message Date
netblue30
ecb408418f bringing back whitelisting /dev 2023-01-14 10:41:08 -05:00
Kelvin M. Klann
7902594e7a RELNOTES: add bugfix for --profile-path in --help 
Relates to #5585 #5586.
 2023-01-14 04:54:51 -03:00
netblue30
16fc10fc34
Merge pull request #5586 from netblue30/rusty-snake-patch-1 
Remove --profile-path from --help
 2023-01-13 20:14:55 -05:00
rusty-snake
64126f7c79
Remove --profile-path from --help 
Fixes  #5585
 2023-01-13 21:40:19 +00:00
Reiner Herrmann
ee89a263e2 bump release date 2023-01-12 19:17:01 +01:00
netblue30
9f5c42b2e7 fix make test-filters 2023-01-12 13:12:10 -05:00
netblue30
ac815a4e61 rel 0.9.72 testing: disable whitelisting /dev directory 2023-01-12 12:25:38 -05:00
netblue30
2d0d9a4080 rel 0.9.72 testing: cleanup make test-private-lib 2023-01-12 11:33:47 -05:00
glitsj16
de85a0fa6a
geary: fix opening hyperlinks via D-Bus (#5565) 2023-01-12 15:34:54 +00:00
netblue30
9154910908 Merge branch 'master' of ssh://github.com/netblue30/firejail 2023-01-12 10:09:26 -05:00
netblue30
455a3cb731 rel 0.9.72 testing 2023-01-12 09:50:23 -05:00
Kelvin M. Klann
ccd346f429 RELNOTES: add build item 
Relates to #5577.
 2023-01-12 10:50:41 -03:00
Kelvin M. Klann
09e11920b8 RELNOTES: add --netlock bugfix 
Relates to #5312.
 2023-01-12 10:48:56 -03:00
netblue30
c0eee56167
Merge pull request #5577 from kmk3/build-vim-sh-portability 
build: make shell commands more portable in firejail.vim
 2023-01-12 08:30:23 -05:00
netblue30
c2a249a232
Merge pull request #5583 from glitsj16/harden-qm 
QMediathekView: hardening
 2023-01-12 08:29:17 -05:00
glitsj16
0d64159b05
QMediathekView: add mkdir and reorder whitelist options 
As suggested in review.
 2023-01-12 02:38:42 +00:00
Kelvin M. Klann
b96955b816 RELNOTES: add docs item 
Relates to #5554.
 2023-01-11 11:11:19 -03:00
glitsj16
14d3007f97
QMediathekView: hardening 2023-01-11 11:07:38 +00:00
dependabot[bot]
a4eb84d5e8 build(deps): bump actions/checkout from 3.2.0 to 3.3.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](755da8c3cf...ac59398561)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-09 19:02:51 +00:00
Kelvin M. Klann
fefe8a9ade firejail.vim: use sed instead of rg 
To avoid depending on an extra package without need.

Commands used to search and replace:

    $ f=contrib/vim/syntax/firejail.vim; \
      printf '%s\n' "$(sed -E \
        "s|rg -o '([^']+)' -r '\\\$1'|sed -En 's/.*\\1.*/\\\\1/p'|" "$f")" >"$f"

Note: `sed -E` is not in POSIX.1-2017 (Issue 7), but it has been
accepted into the upcoming POSIX standard version[1] and is supported by
at least GNU, busybox and OpenBSD grep.

Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06).

[1] https://www.austingroupbugs.net/view.php?id=528
 2023-01-09 02:44:25 -03:00
Kelvin M. Klann
f6ea99dd1c firejail.vim: remove redundant sed -e flags 
Only a single script is passed by argument in each invocation.

Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06) and on commit d2e10f2f5 ("vim: update list of syscalls",
2021-05-29) / PR #4318.
 2023-01-09 02:44:25 -03:00
Kelvin M. Klann
e0d0739249 firejail.vim: remove non-POSIX grep -x flag 
It seems to be equivalent to just delimiting the beginning and the end
of the line with `^foo$`.

Also, put the regex mode (-E) first.

Commands used to search and replace:

    $ f=contrib/vim/syntax/firejail.vim; \
      printf '%s\n' "$(sed -E \
        "s|grep -vEx '([^']+)'|grep -Ev '^\\1\$'|" "$f")" >"$f"

Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06).
 2023-01-09 02:44:25 -03:00
Kelvin M. Klann
97c4f09148 firejail.vim: remove literal newline escapes in tr 
POSIX tr understands '\n', so use that instead of the less portable
$'\n'.

Commands used to search and replace:

    $ f=contrib/vim/syntax/firejail.vim; \
      printf '%s\n' "$(sed -E \
        "s/tr +\\\$'\\\\n'/tr '\\\\n'/g" "$f")" >"$f"

Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06).
 2023-01-09 02:44:25 -03:00
netblue30
15011a6d82 Merge branch 'master' of ssh://github.com/netblue30/firejail 2023-01-04 15:58:16 -05:00
netblue30
24dd0a27d0 merges 2023-01-04 15:56:53 -05:00
netblue30
379e3e05a3
Merge pull request #5564 from glitsj16/claws-mail+sylpheed 
claws-mail and sylpheed D-Bus hardening
 2023-01-04 12:16:00 -05:00
netblue30
223fdeff58
Merge pull request #5569 from glitsj16/electron-hardening 
electron hardening fixes
 2023-01-04 12:15:02 -05:00
netblue30
286c8a1374
Merge pull request #5475 from KOLANICH-tools/aa_fix 
A temporary fix to the bug caused by apparmor profiles stacking.
 2023-01-04 12:13:26 -05:00
netblue30
069ad9d30e
Merge pull request #5556 from Dpeta/chatterino-profile 
Add profile for Chatterino
 2023-01-04 12:09:07 -05:00
netblue30
6bd93dded7
Merge pull request #5553 from slowpeek/master 
Blacklist  google-drive-ocamlfuse config
 2023-01-04 12:02:34 -05:00
glitsj16
415244f14f
ytmdesktop: fix typo (#5567) 2023-01-04 17:21:42 +01:00
glitsj16
cf89a886db
Create electron-hardened.inc.profile 2023-01-04 04:51:52 +00:00
glitsj16
dc4a38b614
electron: change hardening comment 2023-01-04 04:50:09 +00:00
glitsj16
ded5b2da23
sylpheed: allow opening hyperlinks via D-Bus 2023-01-03 09:06:42 +00:00
glitsj16
cd82473613
claws-mail: harden D-Bus 
Relates to https://github.com/netblue30/firejail/issues/5477.
 2023-01-03 09:03:37 +00:00
smitsohu
9cfd0921fd
Merge pull request #5554 from Dpeta/dbus-wiki-link-fix 
Update DBus wiki link
 2022-12-27 23:35:13 +01:00
smitsohu
d113afc6f8
Merge pull request #5557 from smitsohu/wm-fixes 
window manager profiles: fix browser/electron internal sandboxes
 2022-12-27 23:32:06 +01:00
netblue30
e80fae7472 restrict-namespaces stats 2022-12-26 09:49:42 -05:00
Dpeta
cdeaff836b
Apply code review suggestions to chatterino.profile 
- Remove waf from private-bin
 - Move optional commands to the top
 - Reorder allow lua/python
 2022-12-25 23:16:24 +01:00
Dpeta
56ba182b77
Apply suggestions from code review 
Co-authored-by: Kelvin M. Klann <kmk3.code@protonmail.com>
 2022-12-25 23:11:07 +01:00
Dpeta
34f3311474
Remove unnecessary mkdir 2022-12-25 22:24:50 +01:00
Dpeta
85c5e1c8be
Fix music/pictures whitelist path in chatterino.profile 2022-12-25 22:05:37 +01:00
Dpeta
ecf6aca3fd
Apply the other code review suggestions to chatterino.profile 2022-12-25 21:54:17 +01:00
Dpeta
805b04ded3
Apply commitable suggestions from code review 
I'll try the rest manually soon

Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
 2022-12-25 20:50:01 +01:00
smitsohu
e31c599cd0 window manager profiles: fix browser/electron internal sandboxes 2022-12-25 19:48:42 +01:00
Dpeta
3af6c40683
Add Chatterino profile 2022-12-25 15:30:47 +01:00
smitsohu
5116c1cedd testing 2022-12-24 03:08:31 +01:00
smitsohu
ddc76329b5 chroot: make search permission check explicit 2022-12-24 03:00:22 +01:00
Dpeta
817180fce5
Update DBus wiki link 2022-12-23 19:26:10 +01:00
slowpeek
d0c4a599a2
Blacklist XDG cache and data dirs for google-drive-ocamlfuse 2022-12-23 18:32:41 +02:00