| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2019-10-12 | Remove a useless `\` | jvoisin | |
| 2019-10-12 | Remove useless parenthesis | jvoisin | |
| 2019-10-12 | Fix a test for png's lightweight cleaning on corrupted files | jvoisin | |
| 2019-10-12 | Replace abstractstaticmethod with abstractmethod | jvoisin | |
| Apparently, abstractstaticmethod is deprecated since python3.3. | |||
| 2019-10-05 | Mount a new tmpfs on /tmp and drop all capabilities | madaidan | |
| This mounts a new tmpfs on /tmp so any files residing there would be hidden from the sandbox. Many programs store some files in there that might be useful to an attacker. It also drops all capabilities incase it is ever run with extra capabilities for whatever reason. | |||
| 2019-09-21 | Fix bubblewrap | jvoisin | |
| On some machines (like mine), `/proc` has to be mounted. Also, since sandboxing with bubblewrap is best effort and assumes that an attacker doesn't have control outside of the file to clean, it's safe to __try__ to enable some bubblewrap features, and to silently fail otherwise. | |||
| 2019-09-01 | Mark a comment as FP | jvoisin | |
| 2019-09-01 | Add support for ppm | jvoisin | |
| 2019-09-01 | Add a test for nsid cleaning | jvoisin | |
| 2019-09-01 | Improve a bit the comments in the code | jvoisin | |
| This is related to the previous commit | |||
| 2019-09-01 | Remove nsid fields from MSOffice documents | jvoisin | |
| nsids are random identifiers, usually used to ease merging between documents, and can trivially be used for fingerprinting. | |||
| 2019-08-31 | Add support for inplace cleaning | jvoisin | |
| 2019-08-01 | Some arguments of mat2 are mutually exclusive | jvoisin | |
| 2019-07-22 | Tweak a bit the ci | jvoisin | |
| - gentoo and debian with bubblewrap are not allowed to fail anymore - don't run coverage on debian without bubblewrap | |||
| 2019-07-22 | Remove a mypy workaround to bump coverage back to 100% | jvoisin | |
| 2019-07-22 | Add a test for svg namespace | jvoisin | |
| 2019-07-22 | CI: Run bubblewrap tests as different user than 'root' to fix errors | georg | |
| It seems, there is a bug somewhere if the test suite is invoked as 'root', and bubblewrap is available. | |||
| 2019-07-22 | CI: Add job to run codespell, a spell checking software | georg | |
| 2019-07-20 | Fix mypy | jvoisin | |
| 2019-07-18 | Display the filename along with the "No metadata found" message | jvoisin | |
| 2019-07-14 | Nautilus: Add note that distribution packages ship the extension | georg | |
| Relates #106 | |||
| 2019-07-14 | README: Drop note about Debian jessie, which is oldoldstable nowadays | georg | |
| As such, hopefully, it's not really used widely anymore. If so, this note isn't really relevant. | |||
| 2019-07-14 | README: Add note about the user interfaces provided | georg | |
| 2019-07-14 | README: Drop note about web disclosure to broaden the possible use cases | georg | |
| 2019-07-13 | INSTALL: Update Debian package status | georg | |
| Also, make the note generic, to omit the need to update it "constantly". Closes #76 | |||
| 2019-07-13 | Please mypy | jvoisin | |
| 2019-07-13 | Add support for svg | jvoisin | |
| 2019-07-13 | Compress cleaned zip archives by default | jvoisin | |
| 2019-07-13 | Please mypy | jvoisin | |
| 2019-07-10 | doc/threat_model: this is about mat2, not mat | georg | |
| 2019-06-05 | Parallelize the cli | jvoisin | |
| 2019-05-16 | Document the archives handling implementation's details | jvoisin | |
| 2019-05-16 | Use memoization get _*_path() functions | jvoisin | |
| This shouldn't make a big difference in the CLI/extension usage, but might improve the performances of long-running instances, or people misusing the API. | |||
| 2019-05-14 | Please mypy wrt. the last two commits | jvoisin | |
| 2019-05-13 | Rework the dependency checks to distinguish required/optional ones | Antoine Tenart | |
| Rework the dependencies definition to include a 'required' flags, which is passed by the check_dependencies helper to the callers, so that they can distinguish between required and optional dependencies. This help in two ways: - The unit test for the dependencies was now failing when an optional one was missing, due to a previous rework. - Mat2's --check-dependencies was referring to "required dependencies" and was misleading for the user as some of them could be optional. Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf> | |||
| 2019-05-13 | tests: libmat2: RuntimeError cannot be thrown by chech_dependencies | Antoine Tenart | |
| Remove the try/except logic when calling check_dependencies, as it cannot throw the exception anymore (it's caught already in the function). Signed-off-by: Antoine Tenart <antoine.tenart@ack.tf> | |||
| 2019-05-13 | Please pylint | jvoisin | |
| 2019-05-13 | Improve a bit the debug mode | jvoisin | |
| 2019-05-11 | Document how mat2 compares to other software | jvoisin | |
| 2019-05-10 | Bump the changelog0.9.0 | jvoisin | |
| 2019-05-09 | Test the cli's behaviour with valid and invalid files | jvoisin | |
| This should ensure that if we decide to implement some threading in the cli, a faulty file won't break everything. | |||
| 2019-05-09 | Minor code cleanup | jvoisin | |
| 2019-05-08 | Fix an erroneous errors message | jvoisin | |
| This one was spotted by @fuzzy | |||
| 2019-05-08 | Allow failure with bubblewrap for now | jvoisin | |
| 2019-05-08 | Add tests to find possible race-conditions in the cli | jvoisin | |
| 2019-05-03 | typo | fuzzy | |
| 2019-05-01 | Add some verification for "dangerous" tarfiles | jvoisin | |
| 2019-04-27 | Handle weird permissions in tar archives | jvoisin | |
| 2019-04-27 | Improve the display of tarfile's members mtime | jvoisin | |
| 2019-04-27 | Add support for compressed tar files | jvoisin | |
 |
index : mat2 | |
| mat2 is a metadata removal tool, supporting a wide range of commonly used file formats, written in python3: at its core, it's a library, used by an eponymous command-line interface, as well as several file manager extensions. |
| summaryrefslogtreecommitdiff |