diff options
-rw-r--r-- | Makefile.in | 1 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/disable-common.inc | 4 | ||||
-rw-r--r-- | platform/debian/conffiles | 2 | ||||
-rw-r--r-- | todo | 6 |
6 files changed, 18 insertions, 1 deletions
diff --git a/Makefile.in b/Makefile.in index 2a03e6fdf..762872b4e 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -131,6 +131,7 @@ realinstall: | |||
131 | install -c -m 0644 .etc/kmail.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 131 | install -c -m 0644 .etc/kmail.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
132 | install -c -m 0644 .etc/seamonkey.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 132 | install -c -m 0644 .etc/seamonkey.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
133 | install -c -m 0644 .etc/seamonkey-bin.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 133 | install -c -m 0644 .etc/seamonkey-bin.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
134 | install -c -m 0644 .etc/telegram.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
134 | bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 135 | bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
135 | rm -fr .etc | 136 | rm -fr .etc |
136 | # man pages | 137 | # man pages |
@@ -18,6 +18,10 @@ License: GPL v2 | |||
18 | Firejail Authors: | 18 | Firejail Authors: |
19 | 19 | ||
20 | netblue30 (netblue30@yahoo.com) | 20 | netblue30 (netblue30@yahoo.com) |
21 | sinkuu (https://github.com/sinkuu) | ||
22 | - blacklisting kwalletd | ||
23 | Bader Zaidan (https://github.com/BaderSZ) | ||
24 | - Telegram profile | ||
21 | Holger Heinz (https://github.com/hheinz) | 25 | Holger Heinz (https://github.com/hheinz) |
22 | - manpage work | 26 | - manpage work |
23 | Andrey Alekseenko (https://github.com/al42and) | 27 | Andrey Alekseenko (https://github.com/al42and) |
@@ -3,7 +3,7 @@ firejail (0.9.37) baseline; urgency=low | |||
3 | * security profiles fixes | 3 | * security profiles fixes |
4 | * dynamic allocation of noblacklist buffer | 4 | * dynamic allocation of noblacklist buffer |
5 | * --ip6 option - IPv6 support | 5 | * --ip6 option - IPv6 support |
6 | * added KMail, Seamonkey profiles | 6 | * added KMail, Seamonkey, Telegram profiles |
7 | * --join command enhancement (--join-network, --join-filesystem) | 7 | * --join command enhancement (--join-network, --join-filesystem) |
8 | * symlink invocation | 8 | * symlink invocation |
9 | -- netblue30 <netblue30@yahoo.com> Tue, 5 Jan 2016 08:00:00 -0500 | 9 | -- netblue30 <netblue30@yahoo.com> Tue, 5 Jan 2016 08:00:00 -0500 |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index e7974f02d..f04702618 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -119,3 +119,7 @@ read-only ${HOME}/.xmonad | |||
119 | # The user ~/bin directory can override commands such as ls | 119 | # The user ~/bin directory can override commands such as ls |
120 | read-only ${HOME}/bin | 120 | read-only ${HOME}/bin |
121 | 121 | ||
122 | # syslog | ||
123 | blacklist /dev/kmsg | ||
124 | blacklist /proc/kmsg | ||
125 | |||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index d72b5ffe6..ccaaa1f34 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -57,4 +57,6 @@ | |||
57 | /etc/firejail/kmail.profile | 57 | /etc/firejail/kmail.profile |
58 | /etc/firejail/seamonkey.profile | 58 | /etc/firejail/seamonkey.profile |
59 | /etc/firejail/seamonkey-bin.profile | 59 | /etc/firejail/seamonkey-bin.profile |
60 | /etc/firejail/telegram.profile | ||
61 | |||
60 | 62 | ||
@@ -115,3 +115,9 @@ The POSIX standard defines what a “portable filename” is. This turns out to | |||
115 | http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_276 | 115 | http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_276 |
116 | 116 | ||
117 | 22. --shutdown does not clear sandboxes started with --join on Debian jessie | 117 | 22. --shutdown does not clear sandboxes started with --join on Debian jessie |
118 | |||
119 | 23. to document: | ||
120 | |||
121 | http://lwn.net/Articles/414813/ | ||
122 | echo 1 > /proc/sys/kernel/dmesg_restrict | ||
123 | |||