path: root/RELNOTES
author: netblue30 <netblue30@yahoo.com> 2016-08-23 10:04:41 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-08-23 10:04:41 -0400
commit: 1bb4451d94cde3b4617c3cbdcf765cedb2945e06
tree: 5c6d5e5c4b021afdbc310d8cd240d9ebff391fef /RELNOTES
parent: chroot and overlayfs hardening
Firejail prompt is enabled by env variable FIREJAIL_PROMPT=yes
Diffstat (limited to 'RELNOTES')
-rw-r--r-- RELNOTES 57
1 files changed, 29 insertions, 28 deletions
diff --git a/RELNOTES b/RELNOTES
index 2a3d93771..cc0c1489c 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -1,35 +1,36 @@
1firejail (0.9.42~rc2) baseline; urgency=low 1firejail (0.9.42~rc2) baseline; urgency=low
2 * security: --whitelist deleted files, submitted by Vasya Novikov 2 * security: --whitelist deleted files, submitted by Vasya Novikov
3 * security: disable x32 ABI, submitted by Jann Horn 3 * security: disable x32 ABI in seccomp, submitted by Jann Horn
4 * security: tighten --chroot, submitted by Jann Horn 4 * security: tighten --chroot, submitted by Jann Horn
5 * security: terminal sandbox escape, submitted by Stephan Sokolow 5 * security: terminal sandbox escape, submitted by Stephan Sokolow
6 * deprecated --user option, please use "sudo -u username firejail" instead 6 * modifs: deprecated --user option, please use "sudo -u username firejail" instead
7 * --read-write option rework 7 * modifs: allow symlinks in home directory for --whitelist option
8 * allow symlinks in home directory for --whitelist option 8 * modifs: Firejail prompt is enabled by env variable FIREJAIL_PROMPT="yes"
9 * --allow-debuggers option 9 * modifs: recursive mkdir
10 * --private-template (very simillar to the former --private-home) 10 * modifs: include /dev/snd in --private-dev
11 * AppImage support (--appimage) 11 * modifs: seccomp filter update
12 * AppArmor support (--apparmor) 12 * feature: AppImage support (--appimage)
13 * compile time support for Busybox 13 * feature: AppArmor support (--apparmor)
14 * Sandbox auditing support (--audit) 14 * feature: Ubuntu snap support (/etc/firejail/snap.profile)
15 * remove environment variable (--rmenv) 15 * feature: Sandbox auditing support (--audit)
16 * noexec support (--noexec) 16 * feature: remove environment variable (--rmenv)
17 * --overlay-clean option 17 * feature: noexec support (--noexec)
18 * --overlay-named=name option 18 * feature: clean local overlay storage directory (--overlay-clean)
19 * compile time and run time support to disable overlayfs 19 * feature: store and reuse overlay (--overlay-named)
20 * Ubuntu snap support 20 * feature: allow debugging inside the sandbox with gdb and strace (--allow-debuggers)
21 * include /dev/snd in --private-dev 21 * feature: mkfile profile command
22 * added mkfile profile command 22 * feature: quiet profile command
23 * added quiet profile command 23 * feature: x11 profile command
24 * recursive mkdir 24 * compile time: Busybox support (--enable-busybox-workaround)
25 * seccomp filter updated 25 * compile time: disable overlayfs (--disable-overlayfs)
26 * compile time and run time support to disable whitelists 26 * compile time: disable whitlisting (--disable-whitelist)
27 * compile time support to disable global configuration file 27 * compile time: disable global config (--disable-globalcfg)
28 * run time support to disable remounting of /proc and /sys 28 * run time: enable/disable overlayfs (overlayfs yes/no)
29 * run time support to disable chroot desktop features 29 * run time: enable/disable quiet as default (quiet-by-default yes/no)
30 * added quiet-by-default config option in /etc/firejail/firejail.config 30 * run time: user-defined network filter (netfilter-default)
31 * added netfilter-default config option in /etc/firejail/firejail.config 31 * run time: enable/disable whitelisting (whitelist yes/no)
32 * added x11 command for profile files 32 * run time: enable/disable remounting of /proc and /sys (remount-proc-sys yes/no)
33 * run time: enable/disable chroot desktop features (chroot-desktop yes/no)
33 * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice 34 * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice
34 * new profiles: pix, audacity, xz, xzdec, gzip, cpio, less 35 * new profiles: pix, audacity, xz, xzdec, gzip, cpio, less
35 * new profiles: Atom Beta, Atom, jitsi, eom, uudeview 36 * new profiles: Atom Beta, Atom, jitsi, eom, uudeview
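Review bot: Two entries from the old list, "--read-write option rework" and "--private-template (very simillar to the former --private-home)", have no counterpart anywhere in the recategorized list, and the commit message only mentions the FIREJAIL_PROMPT change. If both options still ship in 0.9.42~rc2, carry them over under the matching prefix (for example "modifs:" and "feature:"); if they were dropped, say so in the notes, because users with either option in a profile or launcher need to know. Two smaller points in the same hunk: "disable whitlisting" in the new "compile time:" line should read "whitelisting", and the new FIREJAIL_PROMPT entry would be clearer if it stated what the default is when the variable is unset.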