aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2016-09-06 09:12:57 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2016-09-06 09:12:57 -0400
commitcac5c1da30ee626cddea673a65c08bbff7b1df4b (patch)
tree90b2b456892a24ff572900eb6bac571191cdc4c9
parentMerge pull request #766 from manevich/fixes (diff)
downloadfirejail-cac5c1da30ee626cddea673a65c08bbff7b1df4b.tar.gz
firejail-cac5c1da30ee626cddea673a65c08bbff7b1df4b.tar.zst
firejail-cac5c1da30ee626cddea673a65c08bbff7b1df4b.zip
todo
Diffstat
-rw-r--r--README1
-rw-r--r--todo11
2 files changed, 10 insertions, 2 deletions
diff --git a/README b/README
index 7ba78a05f..0302114d6 100644
--- a/README
+++ b/README
@@ -41,6 +41,7 @@ Aleksey Manevich (https://github.com/manevich)
41 - gether shell selection code in one place 41 - gether shell selection code in one place
42 - fixed several TOCTOU security problems 42 - fixed several TOCTOU security problems
43 - added --fix option to firecfg utility 43 - added --fix option to firecfg utility
44 - read_pid fix
44Fred-Barclay (https://github.com/Fred-Barclay) 45Fred-Barclay (https://github.com/Fred-Barclay)
45 - added Vivaldi, Atril profiles 46 - added Vivaldi, Atril profiles
46 - added PaleMoon profile 47 - added PaleMoon profile
diff --git a/todo b/todo
index 6fe7c5e6f..2a5a3e388 100644
--- a/todo
+++ b/todo
@@ -259,8 +259,8 @@ $ sudo reboot
259If you are using auditd, start aa-notify to get notification whenever a program causes a DENIED message. 259If you are using auditd, start aa-notify to get notification whenever a program causes a DENIED message.
260$ sudo aa-notify -p -f /var/log/audit/audit.log 260$ sudo aa-notify -p -f /var/log/audit/audit.log
261 261
262/sys/module/apparmor/parameters/enabled 262$ sudo cat /sys/kernel/security/apparmor/profiles | grep firejail
263/sys/kernel/security/apparmor 263firejail-default (enforce)
264 264
26524. check monitor proc behaviour for sandboxes with --blacklist=/proc 26524. check monitor proc behaviour for sandboxes with --blacklist=/proc
266also check --apparmor in this case 266also check --apparmor in this case
@@ -271,3 +271,10 @@ sudo mount -o remount,rw,hidepid=2 /proc
271 271
27226. mupdf profile 27226. mupdf profile
273 273
27427. LUKS
275
276dm-crypt+LUKS – dm-crypt is a transparent disk encryption subsystem in
277Linux kernel v2.6+ and later and DragonFly BSD. It can encrypt whole disks,
278removable media, partitions, software RAID volumes, logical volumes, and files.
279
28028. add support for whitelisting /mtn
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-29 09:15:04 +0000