diff options
-rw-r--r-- | CONTRIBUTING.md | 5 | ||||
-rw-r--r-- | README | 31 | ||||
-rw-r--r-- | README.md | 13 |
3 files changed, 28 insertions, 21 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e1f533dde..a9cdfbc0f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md | |||
@@ -22,7 +22,10 @@ we can handle the report more easily: | |||
22 | the `--noprofile` argument. | 22 | the `--noprofile` argument. |
23 | For example, if `firejail firefox` does not work, please also run `firejail --noprofile firefox` and | 23 | For example, if `firejail firefox` does not work, please also run `firejail --noprofile firefox` and |
24 | let us know if it runs correctly or not. | 24 | let us know if it runs correctly or not. |
25 | - You may also try disabling various options provided in `/etc/firejail/<ProgramName.profile>` until you find out which one causes problems. It will significantly help to find solution for your issue. | 25 | - You may also try disabling various options provided in |
26 | `/etc/firejail/<ProgramName.profile>` until you find out which one causes | ||
27 | problems. | ||
28 | It will significantly help in finding a solution for your issue. | ||
26 | 29 | ||
27 | Please note: If you are running Debian, Ubuntu, Linux Mint, or another related | 30 | Please note: If you are running Debian, Ubuntu, Linux Mint, or another related |
28 | distribution and you installed firejail from your distro's repositories, please | 31 | distribution and you installed firejail from your distro's repositories, please |
@@ -1,10 +1,11 @@ | |||
1 | Firejail is a SUID sandbox program that reduces the risk of security | 1 | Firejail is a SUID sandbox program that reduces the risk of security breaches |
2 | breaches by restricting the running environment of untrusted applications | 2 | by restricting the running environment of untrusted applications using Linux |
3 | using Linux namespaces and seccomp-bpf. It includes sandbox profiles for | 3 | namespaces and seccomp-bpf. |
4 | Iceweasel/Mozilla Firefox, Chromium, Midori, Opera, Evince, Transmission, | 4 | |
5 | VLC, Audacious, Clementine, Rhythmbox, Totem, Deluge, qBittorrent. | 5 | It includes sandbox profiles for many programs, including Iceweasel/Mozilla |
6 | DeaDBeeF, Dropbox, Empathy, FileZilla, IceCat, Thunderbird/Icedove, | 6 | Firefox, Chromium, Midori, Opera, Evince, Transmission, VLC, Audacious, |
7 | Pidgin, Quassel, and XChat. | 7 | Clementine, Rhythmbox, Totem, Deluge, qBittorrent, DeaDBeeF, Dropbox, Empathy, |
8 | FileZilla, IceCat, Thunderbird/Icedove, Pidgin, Quassel, and XChat. | ||
8 | 9 | ||
9 | Firejail also expands the restricted shell facility found in bash by adding | 10 | Firejail also expands the restricted shell facility found in bash by adding |
10 | Linux namespace support. It supports sandboxing specific users upon login. | 11 | Linux namespace support. It supports sandboxing specific users upon login. |
@@ -21,28 +22,29 @@ Please report all security vulnerabilities to: | |||
21 | 22 | ||
22 | * <netblue30@protonmail.com> | 23 | * <netblue30@protonmail.com> |
23 | 24 | ||
24 | Compile and install mainline version from GitHub: | 25 | Compile and install the mainline version from GitHub: |
25 | 26 | ||
26 | git clone https://github.com/netblue30/firejail.git | 27 | git clone https://github.com/netblue30/firejail.git |
27 | cd firejail | 28 | cd firejail |
28 | ./configure && make && sudo make install-strip | 29 | ./configure && make && sudo make install-strip |
29 | 30 | ||
30 | On Debian/Ubuntu you will need to install git and gcc compiler. AppArmor | 31 | On Debian/Ubuntu you will need to install git and gcc. AppArmor development |
31 | development libraries and pkg-config are required when using --enable-apparmor | 32 | libraries and pkg-config are required when using the --enable-apparmor |
32 | ./configure option: | 33 | ./configure option: |
33 | 34 | ||
34 | sudo apt-get install git build-essential libapparmor-dev pkg-config gawk | 35 | sudo apt-get install git build-essential libapparmor-dev pkg-config gawk |
35 | 36 | ||
36 | For --selinux option, add libselinux1-dev (libselinux-devel for Fedora). | 37 | For --selinux option, add libselinux1-dev (libselinux-devel for Fedora). |
37 | 38 | ||
38 | We build our release firejail.tar.xz and firejail.deb packages using the following command: | 39 | We build our release firejail.tar.xz and firejail.deb packages using the |
40 | following commands: | ||
39 | 41 | ||
40 | make distclean && ./configure && make deb | 42 | make distclean && ./configure && make deb |
41 | 43 | ||
42 | Maintainer: | 44 | Maintainer: |
43 | - netblue30 (netblue30@protonmail.com) | 45 | - netblue30 (netblue30@protonmail.com) |
44 | 46 | ||
45 | Committers | 47 | Committers: |
46 | - chiraag-nataraj (https://github.com/chiraag-nataraj) | 48 | - chiraag-nataraj (https://github.com/chiraag-nataraj) |
47 | - crass (https://github.com/crass) | 49 | - crass (https://github.com/crass) |
48 | - ChrysoliteAzalea (https://github.com/ChrysoliteAzalea) | 50 | - ChrysoliteAzalea (https://github.com/ChrysoliteAzalea) |
@@ -63,9 +65,9 @@ Committers | |||
63 | - Vincent43 (https://github.com/Vincent43) | 65 | - Vincent43 (https://github.com/Vincent43) |
64 | - netblue30 (netblue30@protonmail.com) | 66 | - netblue30 (netblue30@protonmail.com) |
65 | 67 | ||
68 | --- | ||
66 | 69 | ||
67 | 70 | Firejail Authors (alphabetical order): | |
68 | Firejail Authors (alphabetical order) | ||
69 | 71 | ||
70 | 0x7969 (https://github.com/0x7969) | 72 | 0x7969 (https://github.com/0x7969) |
71 | - fix wire-desktop.profile | 73 | - fix wire-desktop.profile |
@@ -1255,7 +1257,6 @@ Zack Weinberg (https://github.com/zackw) | |||
1255 | - support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes when started | 1257 | - support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes when started |
1256 | with firejail --x11 | 1258 | with firejail --x11 |
1257 | - support for xpra-extra-params in firejail.config | 1259 | - support for xpra-extra-params in firejail.config |
1258 | |||
1259 | zupatisc (https://github.com/zupatisc) | 1260 | zupatisc (https://github.com/zupatisc) |
1260 | - patch-util fix | 1261 | - patch-util fix |
1261 | 1262 | ||
@@ -139,8 +139,8 @@ cd firejail | |||
139 | ./configure && make && sudo make install-strip | 139 | ./configure && make && sudo make install-strip |
140 | ``` | 140 | ``` |
141 | 141 | ||
142 | On Debian/Ubuntu you will need to install git and gcc compiler. AppArmor | 142 | On Debian/Ubuntu you will need to install git and gcc. AppArmor development |
143 | development libraries and pkg-config are required when using `--enable-apparmor` | 143 | libraries and pkg-config are required when using the `--enable-apparmor` |
144 | ./configure option: | 144 | ./configure option: |
145 | 145 | ||
146 | ```sh | 146 | ```sh |
@@ -186,9 +186,12 @@ The first command solves some shared memory/PID namespace bugs in PulseAudio sof | |||
186 | The second command integrates Firejail into your desktop. You would need to logout and login back to apply | 186 | The second command integrates Firejail into your desktop. You would need to logout and login back to apply |
187 | PulseAudio changes. | 187 | PulseAudio changes. |
188 | 188 | ||
189 | Start your programs the way you are used to: desktop manager menus, file manager, desktop launchers. | 189 | Start your programs the way you are used to: desktop manager menus, file |
190 | The integration applies to any program supported by default by Firejail. There are about 250 default applications | 190 | manager, desktop launchers. |
191 | in current Firejail version, and the number goes up with every new release. | 191 | |
192 | The integration applies to any program supported by default by Firejail. | ||
193 | There are over 900 default applications in the current Firejail version, and | ||
194 | the number goes up with every new release. | ||
192 | 195 | ||
193 | We keep the application list in | 196 | We keep the application list in |
194 | [src/firecfg/firecfg.config](src/firecfg/firecfg.config) | 197 | [src/firecfg/firecfg.config](src/firecfg/firecfg.config) |