diff options
-rw-r--r-- | RELNOTES | 1 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/pycharm-community.profile | 1 | ||||
-rw-r--r-- | src/man/firejail.txt | 4 |
4 files changed, 5 insertions, 2 deletions
@@ -8,6 +8,7 @@ firejail (0.9.59) baseline; urgency=low | |||
8 | * new profiles: sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings | 8 | * new profiles: sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings |
9 | * new profiles: code-oss, pragha | 9 | * new profiles: code-oss, pragha |
10 | * memory-deny-write-execute now also blocks memfd_create | 10 | * memory-deny-write-execute now also blocks memfd_create |
11 | * drop support for flatpak/snap packages | ||
11 | 12 | ||
12 | firejail (0.9.58,2) baseline; urgency=low | 13 | firejail (0.9.58,2) baseline; urgency=low |
13 | * cgroup flag in /etc/firejail/firejail.config file | 14 | * cgroup flag in /etc/firejail/firejail.config file |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index e2eaea38b..976c3610e 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -6,7 +6,6 @@ blacklist ${HOME}/Arduino | |||
6 | blacklist ${HOME}/Monero/wallets | 6 | blacklist ${HOME}/Monero/wallets |
7 | blacklist ${HOME}/Nextcloud/Notes | 7 | blacklist ${HOME}/Nextcloud/Notes |
8 | blacklist ${HOME}/Standard Notes Backups | 8 | blacklist ${HOME}/Standard Notes Backups |
9 | blacklist ${HOME}/snap | ||
10 | blacklist ${HOME}/wallet.dat | 9 | blacklist ${HOME}/wallet.dat |
11 | blacklist ${HOME}/.*coin | 10 | blacklist ${HOME}/.*coin |
12 | blacklist ${HOME}/.8pecxstudios | 11 | blacklist ${HOME}/.8pecxstudios |
diff --git a/etc/pycharm-community.profile b/etc/pycharm-community.profile index bfe8b614e..3caaacf09 100644 --- a/etc/pycharm-community.profile +++ b/etc/pycharm-community.profile | |||
@@ -5,7 +5,6 @@ include pycharm-community.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/snap | ||
9 | noblacklist ${HOME}/.PyCharmCE* | 8 | noblacklist ${HOME}/.PyCharmCE* |
10 | noblacklist ${HOME}/.python-history | 9 | noblacklist ${HOME}/.python-history |
11 | noblacklist ${HOME}/.java | 10 | noblacklist ${HOME}/.java |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 8146d1a2e..048db098c 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -48,6 +48,10 @@ Firejail allows the user to manage application security using security profiles. | |||
48 | Each profile defines a set of permissions for a specific application or group | 48 | Each profile defines a set of permissions for a specific application or group |
49 | of applications. The software includes security profiles for a number of more common | 49 | of applications. The software includes security profiles for a number of more common |
50 | Linux programs, such as Mozilla Firefox, Chromium, VLC, Transmission etc. | 50 | Linux programs, such as Mozilla Firefox, Chromium, VLC, Transmission etc. |
51 | .PP | ||
52 | Alternative sandbox technologies like snap (https://snapcraft.io/) and flatpak (https://flatpak.org/) | ||
53 | are not supported. Snap and flatpak packages have their own native management tools and will | ||
54 | not work when sandboxed with Firejail. | ||
51 | 55 | ||
52 | .SH USAGE | 56 | .SH USAGE |
53 | Without any options, the sandbox consists of a filesystem build in a new mount namespace, | 57 | Without any options, the sandbox consists of a filesystem build in a new mount namespace, |