diff options
author | netblue30 <netblue30@yahoo.com> | 2016-07-27 17:53:09 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-07-27 17:53:09 -0400 |
commit | 82c353409ab09554c2a4f3517f8e654725d8da46 (patch) | |
tree | 6cd8d462973901bb6aa1c3034b1d667d60dcc149 /src/man/firejail.txt | |
parent | symlink whitelist fix (diff) | |
download | firejail-82c353409ab09554c2a4f3517f8e654725d8da46.tar.gz firejail-82c353409ab09554c2a4f3517f8e654725d8da46.tar.zst firejail-82c353409ab09554c2a4f3517f8e654725d8da46.zip |
symlink whitelist fix
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index d8bd34f10..65744235e 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -949,6 +949,10 @@ cannot acquire new privileges using execve(2); in particular, | |||
949 | this means that calling a suid binary (or one with file capabilities) | 949 | this means that calling a suid binary (or one with file capabilities) |
950 | does not result in an increase of privilege. | 950 | does not result in an increase of privilege. |
951 | 951 | ||
952 | --nonewprivs is enabled by default if seccomp filter is activated, or if a | ||
953 | symbolic link in user home directory pointing outside user home | ||
954 | is whitelisted. | ||
955 | |||
952 | .TP | 956 | .TP |
953 | \fB\-\-nosound | 957 | \fB\-\-nosound |
954 | Disable sound system. | 958 | Disable sound system. |