audit feature

author: netblue30 <netblue30@yahoo.com> 2016-07-05 10:13:25 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-07-05 10:13:25 -0400
commit: 73ce1000234e0910bc77f424e481a47c6da55dbb (patch)
tree: 4756996183560b6ec401d8fc35e1c4d15ce972de /README.md
parent: audit feature (diff)
download: firejail-73ce1000234e0910bc77f424e481a47c6da55dbb.tar.gz
firejail-73ce1000234e0910bc77f424e481a47c6da55dbb.tar.zst
firejail-73ce1000234e0910bc77f424e481a47c6da55dbb.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/README.md b/README.md
index 230657756..a46e116d0 100644
--- a/README.md
+++ b/README.md
@@ -65,6 +65,27 @@ More packages build by AppImage developer Simon Peter: https://bintray.com/probo
 AppImage project home: https://github.com/probonopd/AppImageKit
+## Sandbox auditing
+`````
+AUDIT
+       Audit feature allows the user to point out gaps in  security  profiles.
+       The  implementation  replaces  the  program to be sandboxed with a test
+       program. By default, we use faudit program distributed with Firejail. A
+       custom test program can also be supplied by the user. Examples:
+       Running the default audit program:
+            $ firejail --audit transmission-gtk
+       Running a custom audit program:
+            $ firejail --audit=~/sandbox-test transmission-gtk
+       In  the examples above, the sandbox configures transmission-gtk profile
+       and starts the test program. The real program,  transmission-gtk,  will
+       not be started.
+       Limitations: audit feature is not implemented for --x11 commands.
+`````
 ## Converting profiles to private-bin - work in progress!
 BitTorrent: deluge, qbittorrent, rtorrent, transmission-gtk, transmission-qt, uget-gtk
author	netblue30 <netblue30@yahoo.com>	2016-07-05 10:13:25 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-07-05 10:13:25 -0400
commit	73ce1000234e0910bc77f424e481a47c6da55dbb (patch)
tree	4756996183560b6ec401d8fc35e1c4d15ce972de /README.md
parent	audit feature (diff)
download	firejail-73ce1000234e0910bc77f424e481a47c6da55dbb.tar.gz firejail-73ce1000234e0910bc77f424e481a47c6da55dbb.tar.zst firejail-73ce1000234e0910bc77f424e481a47c6da55dbb.zip

diff --git a/README.md b/README.md index 230657756..a46e116d0 100644 --- a/README.md +++ b/README.md
@@ -65,6 +65,27 @@ More packages build by AppImage developer Simon Peter: https://bintray.com/probo
65		65
66	AppImage project home: https://github.com/probonopd/AppImageKit	66	AppImage project home: https://github.com/probonopd/AppImageKit
67		67
		68	## Sandbox auditing
		69	`````
		70	AUDIT
		71	Audit feature allows the user to point out gaps in security profiles.
		72	The implementation replaces the program to be sandboxed with a test
		73	program. By default, we use faudit program distributed with Firejail. A
		74	custom test program can also be supplied by the user. Examples:
		75
		76	Running the default audit program:
		77	$ firejail --audit transmission-gtk
		78
		79	Running a custom audit program:
		80	$ firejail --audit=~/sandbox-test transmission-gtk
		81
		82	In the examples above, the sandbox configures transmission-gtk profile
		83	and starts the test program. The real program, transmission-gtk, will
		84	not be started.
		85
		86	Limitations: audit feature is not implemented for --x11 commands.
		87	`````
		88
68	## Converting profiles to private-bin - work in progress!	89	## Converting profiles to private-bin - work in progress!
69		90
70	BitTorrent: deluge, qbittorrent, rtorrent, transmission-gtk, transmission-qt, uget-gtk	91	BitTorrent: deluge, qbittorrent, rtorrent, transmission-gtk, transmission-qt, uget-gtk