diff options
| author |  The Fox in the Shell <KellerFuchs@hashbang.sh> | 2016-05-25 14:59:30 +0200 |
|---|---|---|
| committer | The Fox in the Shell <KellerFuchs@hashbang.sh> | 2016-05-25 15:01:13 +0200 |
| commit | 1c0428dba28299b66380c8c05770d6619383d758 (patch) | |
| tree | 9930a2e13d8b9b7c51228af50db9337b31e456a2 /src/man | |
| parent | Document nonewprivs (diff) | |
| download | firejail-1c0428dba28299b66380c8c05770d6619383d758.tar.gz firejail-1c0428dba28299b66380c8c05770d6619383d758.tar.zst firejail-1c0428dba28299b66380c8c05770d6619383d758.zip | |
Add force-nonewprivs setting
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/firejail-config.txt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/man/firejail-config.txt b/src/man/firejail-config.txt index fcf4109ee..dcede2ec6 100644 --- a/src/man/firejail-config.txt +++ b/src/man/firejail-config.txt | |||
| @@ -49,6 +49,14 @@ Enable or disable user namespace support, default enabled. | |||
| 49 | Enable or disable X11 sandboxing support, default enabled. | 49 | Enable or disable X11 sandboxing support, default enabled. |
| 50 | 50 | ||
| 51 | .TP | 51 | .TP |
| 52 | \fBforce-nonewprivs | ||
| 53 | Force use of nonewprivs. This mitigates the possibility of | ||
| 54 | a user abusing firejail's features to trick a privileged (suid | ||
| 55 | or file capabilities) process into loading code or configuration | ||
| 56 | that is partially under their control. Default disabled. | ||
| 57 | |||
| 58 | |||
| 59 | .TP | ||
| 52 | \fBxephyr-screen | 60 | \fBxephyr-screen |
| 53 | Screen size for --x11=xephyr, default 800x600. Run /usr/bin/xrandr for | 61 | Screen size for --x11=xephyr, default 800x600. Run /usr/bin/xrandr for |
| 54 | a full list of resolutions available on your specific setup. Examples: | 62 | a full list of resolutions available on your specific setup. Examples: |