5 files changed, 97 insertions, 1 deletions
diff --git a/README.md b/README.md
index 029a7c904..8c2e9d9b6 100644
--- a/README.md
+++ b/README.md
@@ -68,6 +68,7 @@ AppImage project home: https://github.com/probonopd/AppImageKit
 ## Converting profiles to private-bin - work in progress
 BitTorrent profiles converted to private-bin: deluge, qbittorrent, rtorrent, transmission-gtk, transmission-qt
+File transfer: filezilla
 ## New security profiles
diff --git a/etc/disable-devel.inc b/etc/disable-devel.inc
index 99f059c44..8c18ec2c3 100644
--- a/etc/disable-devel.inc
+++ b/etc/disable-devel.inc
@@ -37,7 +37,7 @@ blacklist /usr/lib/php*
 blacklist /usr/bin/ruby
 blacklist /usr/lib/ruby
-# Programs using python: deluge, some firefox addons
+# Programs using python: deluge, some firefox addons, filezilla
 # Python 2
 #blacklist /usr/bin/python2*
 #blacklist /usr/lib/python2*
diff --git a/etc/filezilla.profile b/etc/filezilla.profile
index 3cb4890e2..35663f2fa 100644
--- a/etc/filezilla.profile
+++ b/etc/filezilla.profile
@@ -13,3 +13,6 @@ noroot
 nosound
 protocol unix,inet,inet6
 seccomp
+shell none
+private-bin filezilla,uname,sh,python,lsb_release,fzputtygen,fzsftp
diff --git a/test/apps/apps.sh b/test/apps/apps.sh
index 3ecc161a1..fa56ce370 100755
--- a/test/apps/apps.sh
+++ b/test/apps/apps.sh
@@ -69,6 +69,15 @@ else
        echo "TESTING SKIP: qbittorrent not found"
 fi
+which filezilla
+if [ "$?" -eq 0 ];
+then
+        echo "TESTING: filezilla"
+        ./filezilla.exp
+else
+        echo "TESTING SKIP: filezilla not found"
+fi
 which evince
 if [ "$?" -eq 0 ];
 then
diff --git a/test/apps/filezilla.exp b/test/apps/filezilla.exp
new file mode 100755
index 000000000..7f232f311
--- /dev/null
+++ b/test/apps/filezilla.exp
@@ -0,0 +1,83 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail filezilla\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Reading profile /etc/firejail/filezilla.profile"
+}
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "Child process initialized"
+}
+sleep 3
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        ":firejail"
+}
+expect {
+        timeout {puts "TESTING ERROR 3.1\n";exit}
+        "filezilla"
+}
+sleep 1
+# grsecurity exit
+send -- "file /proc/sys/kernel/grsecurity\r"
+expect {
+        timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
+        "grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
+        "cannot open" {puts "grsecurity not present\n"}
+}
+send -- "firejail --name=blablabla\r"
+expect {
+        timeout {puts "TESTING ERROR 4\n";exit}
+        "Child process initialized"
+}
+sleep 2
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+        timeout {puts "TESTING ERROR 5\n";exit}
+        ":firejail filezilla"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
+        "Seccomp:       2"
+}
+expect {
+        timeout {puts "TESTING ERROR 5.1\n";exit}
+        "name=blablabla"
+}
+sleep 1
+send -- "firemon --caps\r"
+expect {
+        timeout {puts "TESTING ERROR 6\n";exit}
+        ":firejail filezilla"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.1\n";exit}
+        "CapBnd:"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.2\n";exit}
+        "0000000000000000"
+}
+expect {
+        timeout {puts "TESTING ERROR 6.3\n";exit}
+        "name=blablabla"
+}
+sleep 1
+puts "\nall done\n"

diff --git a/README.md b/README.md index 029a7c904..8c2e9d9b6 100644 --- a/README.md +++ b/README.md
@@ -68,6 +68,7 @@ AppImage project home: https://github.com/probonopd/AppImageKit
68	## Converting profiles to private-bin - work in progress	68	## Converting profiles to private-bin - work in progress
69		69
70	BitTorrent profiles converted to private-bin: deluge, qbittorrent, rtorrent, transmission-gtk, transmission-qt	70	BitTorrent profiles converted to private-bin: deluge, qbittorrent, rtorrent, transmission-gtk, transmission-qt
		71	File transfer: filezilla
71		72
72	## New security profiles	73	## New security profiles
73		74


diff --git a/etc/disable-devel.inc b/etc/disable-devel.inc index 99f059c44..8c18ec2c3 100644 --- a/etc/disable-devel.inc +++ b/etc/disable-devel.inc
@@ -37,7 +37,7 @@ blacklist /usr/lib/php*
37	blacklist /usr/bin/ruby	37	blacklist /usr/bin/ruby
38	blacklist /usr/lib/ruby	38	blacklist /usr/lib/ruby
39		39
40	# Programs using python: deluge, some firefox addons	40	# Programs using python: deluge, some firefox addons, filezilla
41	# Python 2	41	# Python 2
42	#blacklist /usr/bin/python2*	42	#blacklist /usr/bin/python2*
43	#blacklist /usr/lib/python2*	43	#blacklist /usr/lib/python2*


diff --git a/etc/filezilla.profile b/etc/filezilla.profile index 3cb4890e2..35663f2fa 100644 --- a/etc/filezilla.profile +++ b/etc/filezilla.profile
@@ -13,3 +13,6 @@ noroot
13	nosound	13	nosound
14	protocol unix,inet,inet6	14	protocol unix,inet,inet6
15	seccomp	15	seccomp
		16
		17	shell none
		18	private-bin filezilla,uname,sh,python,lsb_release,fzputtygen,fzsftp


diff --git a/test/apps/apps.sh b/test/apps/apps.sh index 3ecc161a1..fa56ce370 100755 --- a/test/apps/apps.sh +++ b/test/apps/apps.sh
@@ -69,6 +69,15 @@ else
69	echo "TESTING SKIP: qbittorrent not found"	69	echo "TESTING SKIP: qbittorrent not found"
70	fi	70	fi
71		71
		72	which filezilla
		73	if [ "$?" -eq 0 ];
		74	then
		75	echo "TESTING: filezilla"
		76	./filezilla.exp
		77	else
		78	echo "TESTING SKIP: filezilla not found"
		79	fi
		80
72	which evince	81	which evince
73	if [ "$?" -eq 0 ];	82	if [ "$?" -eq 0 ];
74	then	83	then


diff --git a/test/apps/filezilla.exp b/test/apps/filezilla.exp new file mode 100755 index 000000000..7f232f311 --- /dev/null +++ b/test/apps/filezilla.exp
@@ -0,0 +1,83 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2016 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 10
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "firejail filezilla\r"
		11	expect {
		12	timeout {puts "TESTING ERROR 0\n";exit}
		13	"Reading profile /etc/firejail/filezilla.profile"
		14	}
		15	expect {
		16	timeout {puts "TESTING ERROR 1\n";exit}
		17	"Child process initialized"
		18	}
		19	sleep 3
		20
		21	spawn $env(SHELL)
		22	send -- "firejail --list\r"
		23	expect {
		24	timeout {puts "TESTING ERROR 3\n";exit}
		25	":firejail"
		26	}
		27	expect {
		28	timeout {puts "TESTING ERROR 3.1\n";exit}
		29	"filezilla"
		30	}
		31	sleep 1
		32
		33	# grsecurity exit
		34	send -- "file /proc/sys/kernel/grsecurity\r"
		35	expect {
		36	timeout {puts "TESTING ERROR - grsecurity detection\n";exit}
		37	"grsecurity: directory" {puts "grsecurity present, exiting...\n";exit}
		38	"cannot open" {puts "grsecurity not present\n"}
		39	}
		40
		41	send -- "firejail --name=blablabla\r"
		42	expect {
		43	timeout {puts "TESTING ERROR 4\n";exit}
		44	"Child process initialized"
		45	}
		46	sleep 2
		47
		48	spawn $env(SHELL)
		49	send -- "firemon --seccomp\r"
		50	expect {
		51	timeout {puts "TESTING ERROR 5\n";exit}
		52	":firejail filezilla"
		53	}
		54	expect {
		55	timeout {puts "TESTING ERROR 5.1 (seccomp)\n";exit}
		56	"Seccomp: 2"
		57	}
		58	expect {
		59	timeout {puts "TESTING ERROR 5.1\n";exit}
		60	"name=blablabla"
		61	}
		62	sleep 1
		63	send -- "firemon --caps\r"
		64	expect {
		65	timeout {puts "TESTING ERROR 6\n";exit}
		66	":firejail filezilla"
		67	}
		68	expect {
		69	timeout {puts "TESTING ERROR 6.1\n";exit}
		70	"CapBnd:"
		71	}
		72	expect {
		73	timeout {puts "TESTING ERROR 6.2\n";exit}
		74	"0000000000000000"
		75	}
		76	expect {
		77	timeout {puts "TESTING ERROR 6.3\n";exit}
		78	"name=blablabla"
		79	}
		80	sleep 1
		81
		82	puts "\nall done\n"
		83