diff options
| author |  netblue30 <netblue30@yahoo.com> | 2015-12-12 08:14:44 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2015-12-12 08:14:44 -0500 |
| commit | 1d7f4c65e4335ef8000967f08af8c549227bc325 (patch) | |
| tree | a2a620884bf2e1a86a6ff29725f93312eb65f533 /todo | |
| parent | debug enhancements (diff) | |
| download | firejail-1d7f4c65e4335ef8000967f08af8c549227bc325.tar.gz firejail-1d7f4c65e4335ef8000967f08af8c549227bc325.tar.zst firejail-1d7f4c65e4335ef8000967f08af8c549227bc325.zip | |
fixes
Diffstat (limited to 'todo')
| -rw-r--r-- | todo | 46 |
1 files changed, 1 insertions, 45 deletions
| @@ -77,7 +77,6 @@ socat ABSTRACT-LISTEN:/tmp/dbus-awBoQTCc,fork UNIX-CONNECT:/tmp/mysock | |||
| 77 | 77 | ||
| 78 | 13. While using --net=eth0 assign the name of the interface inside the sandbox as eth0 | 78 | 13. While using --net=eth0 assign the name of the interface inside the sandbox as eth0 |
| 79 | 79 | ||
| 80 | 14. check chroot does not allow on symlinks | ||
| 81 | 15. do not attempt to mount /sys if unmount fails | 80 | 15. do not attempt to mount /sys if unmount fails |
| 82 | 81 | ||
| 83 | $ firejail --noprofile --chroot=/tmp/chroot | 82 | $ firejail --noprofile --chroot=/tmp/chroot |
| @@ -98,53 +97,10 @@ Child process initialized | |||
| 98 | 16. add support for --ip, --iprange, --mac and --mtu for --interface option | 97 | 16. add support for --ip, --iprange, --mac and --mtu for --interface option |
| 99 | 98 | ||
| 100 | 17. private-home clashing with blacklist | 99 | 17. private-home clashing with blacklist |
| 101 | $ firejail --private-home=.mozilla | 100 | whitelist clashing with blacklist |
| 102 | Reading profile /etc/firejail/generic.profile | ||
| 103 | Reading profile /etc/firejail/disable-mgmt.inc | ||
| 104 | Reading profile /etc/firejail/disable-secret.inc | ||
| 105 | Reading profile /etc/firejail/disable-common.inc | ||
| 106 | |||
| 107 | ** Note: you can use --noprofile to disable generic.profile ** | ||
| 108 | |||
| 109 | Parent pid 8193, child pid 8194 | ||
| 110 | /run/firejail/mnt/cp: cannot access `/home/netblue/.mozilla': Permission denied | ||
| 111 | Error system cp -a --parents:duplicate(381): No such file or directory | ||
| 112 | Child process initialized | ||
| 113 | $ ls -la | ||
| 114 | total 4 | ||
| 115 | drwx------ 3 test test 100 Nov 25 07:59 . | ||
| 116 | drwxr-xr-x 3 65534 65534 60 Nov 25 07:59 .. | ||
| 117 | -rw-r--r-- 1 test test 3392 Nov 25 07:59 .bashrc | ||
| 118 | dr-x------ 2 65534 65534 40 Nov 24 17:53 .mozilla | ||
| 119 | -rw------- 1 test test 0 Nov 25 07:59 .Xauthority | ||
| 120 | |||
| 121 | |||
| 122 | |||
| 123 | |||
| 124 | 18. whitelist clashing with blacklist | ||
| 125 | $ firejail --whitelist=~/.mozilla | ||
| 126 | Reading profile /etc/firejail/generic.profile | ||
| 127 | Reading profile /etc/firejail/disable-mgmt.inc | ||
| 128 | Reading profile /etc/firejail/disable-secret.inc | ||
| 129 | Reading profile /etc/firejail/disable-common.inc | ||
| 130 | |||
| 131 | ** Note: you can use --noprofile to disable generic.profile ** | ||
| 132 | |||
| 133 | Parent pid 9440, child pid 9441 | ||
| 134 | Child process initialized | ||
| 135 | $ ls -al | ||
| 136 | total 8 | ||
| 137 | drwx------ 3 netblue netblue 100 Nov 25 08:09 . | ||
| 138 | drwxr-xr-x 3 65534 65534 60 Nov 25 08:09 .. | ||
| 139 | -rw-r--r-- 1 netblue netblue 3392 Nov 25 08:09 .bashrc | ||
| 140 | dr-x------ 2 65534 65534 40 Nov 24 17:53 .mozilla | ||
| 141 | -rw------- 1 netblue netblue 51 Nov 25 08:09 .Xauthority | ||
| 142 | |||
| 143 | 101 | ||
| 144 | 19. Try --overlay on a Ubuntu 14.04 32bit.Without adding --dns, there will be no network connectivity - see issue 151 | 102 | 19. Try --overlay on a Ubuntu 14.04 32bit.Without adding --dns, there will be no network connectivity - see issue 151 |
| 145 | 103 | ||
| 146 | 20. blacklist ~/.cache in disable-common.inc??? | ||
| 147 | |||
| 148 | 21. restrict chars in filenames | 104 | 21. restrict chars in filenames |
| 149 | 105 | ||
| 150 | try to open url-encoded filenames | 106 | try to open url-encoded filenames |