diff options
author | netblue30 <netblue30@yahoo.com> | 2016-05-26 09:07:31 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-05-26 09:07:31 -0400 |
commit | 6f56bfe78bbb6970660c06f48b0a39b34c47189f (patch) | |
tree | bbbab8fcb2e0be4ebd6e91f918d8a57b2ee67f96 /README.md | |
parent | fixes (diff) | |
parent | Document the restricted-network change (diff) | |
download | firejail-6f56bfe78bbb6970660c06f48b0a39b34c47189f.tar.gz firejail-6f56bfe78bbb6970660c06f48b0a39b34c47189f.tar.zst firejail-6f56bfe78bbb6970660c06f48b0a39b34c47189f.zip |
Merge pull request #537 from KellerFuchs/restricted-netfilter
Make `restricted-network` prevent use of netfilter
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -197,9 +197,9 @@ The following features can be enabled or disabled: | |||
197 | restricted-network | 197 | restricted-network |
198 | Enable or disable restricted network support, default disabled. | 198 | Enable or disable restricted network support, default disabled. |
199 | If enabled, networking features should also be enabled (network | 199 | If enabled, networking features should also be enabled (network |
200 | yes). Restricted networking grants access to --interface and | 200 | yes). Restricted networking grants access to --interface, |
201 | --net=ethXXX only to root user. Regular users are only allowed | 201 | --net=ethXXX and --netfilter only to root user. Regular users |
202 | --net=none. | 202 | are only allowed --net=none. Default disabled |
203 | 203 | ||
204 | secomp Enable or disable seccomp support, default enabled. | 204 | secomp Enable or disable seccomp support, default enabled. |
205 | 205 | ||