diff options
author | netblue30 <netblue30@yahoo.com> | 2020-10-25 08:51:18 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2020-10-25 08:51:18 -0400 |
commit | e4d053e907fd48496bc26739ab9aa21cf32a4d8a (patch) | |
tree | 4817e7dd5ecbc64b08332f08de52bf954d552ef1 /README.md | |
parent | Merge pull request #3676 from rusty-snake/tmpfs-inside-home (diff) | |
download | firejail-e4d053e907fd48496bc26739ab9aa21cf32a4d8a.tar.gz firejail-e4d053e907fd48496bc26739ab9aa21cf32a4d8a.tar.zst firejail-e4d053e907fd48496bc26739ab9aa21cf32a4d8a.zip |
merges
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 44 |
1 files changed, 25 insertions, 19 deletions
@@ -158,36 +158,42 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
158 | 158 | ||
159 | ## Current development version: 0.9.65 | 159 | ## Current development version: 0.9.65 |
160 | 160 | ||
161 | Milestone page: https://github.com/netblue30/firejail/milestone/1 | ||
162 | Release discussion: https://github.com/netblue30/firejail/issues/3696 | ||
163 | |||
164 | |||
165 | |||
161 | ### Profile Statistics | 166 | ### Profile Statistics |
162 | 167 | ||
163 | A small tool to print profile statistics. Compile as usual and run in /etc/profiles: | 168 | A small tool to print profile statistics. Compile as usual and run in /etc/profiles: |
164 | ````` | 169 | ````` |
170 | $ sudo cp src/prfostats/profstats /etc/firejail/. | ||
171 | $ cd /etc/firejail | ||
165 | $ ./profstats *.profile | 172 | $ ./profstats *.profile |
166 | Warning: multiple caps in transmission-daemon.profile | 173 | Warning: multiple caps in transmission-daemon.profile |
167 | 174 | ||
168 | Stats: | 175 | Stats: |
169 | profiles 1029 | 176 | profiles 1031 |
170 | include local profile 1029 (include profile-name.local) | 177 | include local profile 1031 (include profile-name.local) |
171 | include globals 1029 (include globals.local) | 178 | include globals 1031 (include globals.local) |
172 | blacklist ~/.ssh 1005 (include disable-common.inc) | 179 | blacklist ~/.ssh 1007 (include disable-common.inc) |
173 | seccomp 975 | 180 | seccomp 976 |
174 | capabilities 1028 | 181 | capabilities 1030 |
175 | noexec 899 (include disable-exec.inc) | 182 | noexec 901 (include disable-exec.inc) |
176 | memory-deny-write-execute 220 | 183 | memory-deny-write-execute 221 |
177 | apparmor 549 | 184 | apparmor 555 |
178 | private-bin 542 | 185 | private-bin 544 |
179 | private-dev 897 | 186 | private-dev 897 |
180 | private-etc 431 | 187 | private-etc 435 |
181 | private-tmp 784 | 188 | private-tmp 785 |
182 | whitelist home directory 469 | 189 | whitelist home directory 474 |
183 | whitelist var 695 (include whitelist-var-common.inc) | 190 | whitelist var 699 (include whitelist-var-common.inc) |
184 | whitelist run/user 334 (include whitelist-runuser-common.inc | 191 | whitelist run/user 336 (include whitelist-runuser-common.inc |
185 | or blacklist ${RUNUSER}) | 192 | or blacklist ${RUNUSER}) |
186 | whitelist usr/share 354 (include whitelist-usr-share-common.inc | 193 | whitelist usr/share 359 (include whitelist-usr-share-common.inc |
187 | net none 332 | 194 | net none 333 |
188 | dbus-user none 523 | 195 | dbus-user none 523 |
189 | dbus-system none 627 | 196 | dbus-system none 632 |
190 | ````` | ||
191 | 197 | ||
192 | ### New profiles: | 198 | ### New profiles: |
193 | 199 | ||