1 files changed, 42 insertions, 32 deletions
diff --git a/README b/README
index 4647a70c4..0d402a854 100644
--- a/README
+++ b/README
@@ -1,13 +1,14 @@
-Firejail is a SUID sandbox program that reduces the risk of security
+Firejail is a SUID sandbox program that reduces the risk of security breaches
-breaches by restricting the running environment of untrusted applications
+by restricting the running environment of untrusted applications using Linux
-using Linux namespaces and seccomp-bpf. It includes sandbox profiles for
+namespaces and seccomp-bpf.
-Iceweasel/Mozilla Firefox, Chromium, Midori, Opera, Evince, Transmission,
-VLC, Audacious, Clementine, Rhythmbox, Totem, Deluge, qBittorrent.
+It includes sandbox profiles for many programs, including Iceweasel/Mozilla
-DeaDBeeF, Dropbox, Empathy, FileZilla, IceCat, Thunderbird/Icedove,
+Firefox, Chromium, Midori, Opera, Evince, Transmission, VLC, Audacious,
-Pidgin, Quassel, and XChat.
+Clementine, Rhythmbox, Totem, Deluge, qBittorrent, DeaDBeeF, Dropbox, Empathy,
+FileZilla, IceCat, Thunderbird/Icedove, Pidgin, Quassel, and XChat.
 Firejail also expands the restricted shell facility found in bash by adding
-Linux namespace support. It supports sandboxing specific users upon login.
+Linux namespace support.  It supports sandboxing specific users upon login.
 Download: https://sourceforge.net/projects/firejail/files/
 Build and install: ./configure && make && sudo make install
@@ -17,30 +18,33 @@ Backup Video Channel: https://www.bitchute.com/profile/JSBsA1aoQVfW/
 Development: https://github.com/netblue30/firejail
 License: GPL v2
-Please report all security vulnerabilities at netblue30@protonmail.com
+Please report all security vulnerabilities to:
+* <netblue30@protonmail.com>
-Compile and install mainline version from GitHub:
+Compile and install the mainline version from GitHub:
-$ git clone https://github.com/netblue30/firejail.git
+    git clone https://github.com/netblue30/firejail.git
-$ cd firejail
+    cd firejail
-$ ./configure && make && sudo make install-strip
+    ./configure && make && sudo make install-strip
-On Debian/Ubuntu you will need to install git and gcc compiler. AppArmor
+On Debian/Ubuntu you will need to install git and gcc.  AppArmor development
-development libraries and pkg-config are required when using --enable-apparmor
+libraries and pkg-config are required when using the --enable-apparmor
 ./configure option:
-$ sudo apt-get install git build-essential libapparmor-dev pkg-config gawk
+    sudo apt-get install git build-essential libapparmor-dev pkg-config gawk
 For --selinux option, add libselinux1-dev (libselinux-devel for Fedora).
-We build our release firejail.tar.xz and firejail.deb packages using the following command:
+We build our release firejail.tar.xz and firejail.deb packages using the
-$ make distclean && ./configure && make deb
+following commands:
+    make distclean && ./configure && make deb
 Maintainer:
 - netblue30 (netblue30@protonmail.com)
-Committers
+Committers:
 - chiraag-nataraj (https://github.com/chiraag-nataraj)
 - crass (https://github.com/crass)
 - ChrysoliteAzalea (https://github.com/ChrysoliteAzalea)
@@ -55,15 +59,16 @@ Committers
 - rusty-snake (https://github.com/rusty-snake)
 - smitsohu (https://github.com/smitsohu)
 - SkewedZeppelin (https://github.com/SkewedZeppelin)
- startx2017 (https://github.com/startx2017) - LTS and *bugfixes branches maintainer)
+- startx2017 (https://github.com/startx2017) - LTS and *bugfixes branches
+  maintainer)
 - Topi Miettinen (https://github.com/topimiettinen)
 - veloute (https://github.com/veloute)
 - Vincent43 (https://github.com/Vincent43)
 - netblue30 (netblue30@protonmail.com)
+---
+Firejail Authors (alphabetical order):
-Firejail Authors (alphabetical order)
 0x7969 (https://github.com/0x7969)
        - fix wire-desktop.profile
@@ -313,7 +318,8 @@ curiosityseeker (https://github.com/curiosityseeker - new)
        - updated keypassxc profile
        - added syscalls.sh, which determine the necessary syscalls for a program
        - fixed conky profile
-        - thunderbird.profile: harden and enable the rules necessary to make Firefox open links
+        - thunderbird.profile: harden and enable the rules necessary to make
+          Firefox open links
 da2x (https://github.com/da2x)
        - matched RPM license tag
 Daan Bakker (https://github.com/dbakker)
@@ -358,7 +364,8 @@ Disconnect3d (https://github.com/disconnect3d)
 dm9pZCAq (https://github.com/dm9pZCAq)
        - fix for compilation under musl
 dmfreemon (https://github.com/dmfreemon)
-        - add sandbox name or name of private directory to the window title when xpra is used
+        - add sandbox name or name of private directory to the window title
+          when xpra is used
        - handle malloc() failures; use gnu_basename() instead of basenaem()
 Dmitriy Chestnykh (https://github.com/chestnykh)
        - add ability to disable user profiles at compile time
@@ -1030,7 +1037,8 @@ soredake (https://github.com/soredake)
        - add localtime to private-etc to make qtox show correct time
        - fixes for the keepassxc 2.2.5 version
 SkewedZeppelin (https://github.com/SkewedZeppelin)
-        - added Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5 profiles
+        - added Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI,
+          Lollypop, MultiMC5 profiles
        - added PDFSam, Pithos, and Xonotic profiles
        - disabled Go, Rust, and OpenSSL in disable-devel.conf
        - added dino profile
@@ -1048,7 +1056,8 @@ SkewedZeppelin (https://github.com/SkewedZeppelin)
        - added IntelliJ IDEA and Android Studio profiles
        - added arm profile
        - lots of profile improvements/tightening
-        - added apktool, baobab, dex2jar, gitg, hashcat, obs, picard, remmina, sdat2img,
+        - added apktool, baobab, dex2jar, gitg, hashcat, obs, picard, remmina,
+          sdat2img,
        soundconverter, sqlitebrowser, and truecraft profiles
        - added gnome-twitch profile
        - Unified all 341 profiles
@@ -1085,10 +1094,12 @@ SYN-cook (https://github.com/SYN-cook)
        - gnome-calculator changes
 startx2017 (https://github.com/startx2017)
        - syscall list update
-        - updated default seccomp filters - added bpf, clock_settime, personality, process_vm_writev, query_module,
+        - updated default seccomp filters - added bpf, clock_settime,
-          settimeofday, stime, umount, userfaultfd, ustat, vm86, and vm86old
+          personality, process_vm_writev, query_module, settimeofday, stime,
+          umount, userfaultfd, ustat, vm86, and vm86old
        - enable/disable join support in /etc/firejail/firejail.config
-        - firecfg fix: create ~/.local/share/applications directory if it doesn't exist
+        - firecfg fix: create ~/.local/share/applications directory if it
+          doesn't exist
        - firejail.config cleanup
        - --quiet fixes
        - bugfixes branches maintainer
@@ -1250,10 +1261,9 @@ Zack Weinberg (https://github.com/zackw)
        - wait_for_other function rewrite
        - Xvfb X11 server support
        - Xvfb and Xephyr profiles, modified Xpra profile
-        - support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes when started
+        - support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes
-          with firejail --x11
+          when started with firejail --x11
        - support for xpra-extra-params in firejail.config
 zupatisc (https://github.com/zupatisc)
        - patch-util fix

diff --git a/README b/README index 4647a70c4..0d402a854 100644 --- a/README +++ b/README
@@ -1,13 +1,14 @@
1	Firejail is a SUID sandbox program that reduces the risk of security	1	Firejail is a SUID sandbox program that reduces the risk of security breaches
2	breaches by restricting the running environment of untrusted applications	2	by restricting the running environment of untrusted applications using Linux
3	using Linux namespaces and seccomp-bpf. It includes sandbox profiles for	3	namespaces and seccomp-bpf.
4	Iceweasel/Mozilla Firefox, Chromium, Midori, Opera, Evince, Transmission,	4
5	VLC, Audacious, Clementine, Rhythmbox, Totem, Deluge, qBittorrent.	5	It includes sandbox profiles for many programs, including Iceweasel/Mozilla
6	DeaDBeeF, Dropbox, Empathy, FileZilla, IceCat, Thunderbird/Icedove,	6	Firefox, Chromium, Midori, Opera, Evince, Transmission, VLC, Audacious,
7	Pidgin, Quassel, and XChat.	7	Clementine, Rhythmbox, Totem, Deluge, qBittorrent, DeaDBeeF, Dropbox, Empathy,
		8	FileZilla, IceCat, Thunderbird/Icedove, Pidgin, Quassel, and XChat.
8		9
9	Firejail also expands the restricted shell facility found in bash by adding	10	Firejail also expands the restricted shell facility found in bash by adding
10	Linux namespace support. It supports sandboxing specific users upon login.	11	Linux namespace support. It supports sandboxing specific users upon login.
11		12
12	Download: https://sourceforge.net/projects/firejail/files/	13	Download: https://sourceforge.net/projects/firejail/files/
13	Build and install: ./configure && make && sudo make install	14	Build and install: ./configure && make && sudo make install
@@ -17,30 +18,33 @@ Backup Video Channel: https://www.bitchute.com/profile/JSBsA1aoQVfW/
17	Development: https://github.com/netblue30/firejail	18	Development: https://github.com/netblue30/firejail
18	License: GPL v2	19	License: GPL v2
19		20
20	Please report all security vulnerabilities at netblue30@protonmail.com	21	Please report all security vulnerabilities to:
		22
		23	* <netblue30@protonmail.com>
21		24
22	Compile and install mainline version from GitHub:	25	Compile and install the mainline version from GitHub:
23		26
24	$ git clone https://github.com/netblue30/firejail.git	27	git clone https://github.com/netblue30/firejail.git
25	$ cd firejail	28	cd firejail
26	$ ./configure && make && sudo make install-strip	29	./configure && make && sudo make install-strip
27		30
28	On Debian/Ubuntu you will need to install git and gcc compiler. AppArmor	31	On Debian/Ubuntu you will need to install git and gcc. AppArmor development
29	development libraries and pkg-config are required when using --enable-apparmor	32	libraries and pkg-config are required when using the --enable-apparmor
30	./configure option:	33	./configure option:
31		34
32	$ sudo apt-get install git build-essential libapparmor-dev pkg-config gawk	35	sudo apt-get install git build-essential libapparmor-dev pkg-config gawk
33		36
34	For --selinux option, add libselinux1-dev (libselinux-devel for Fedora).	37	For --selinux option, add libselinux1-dev (libselinux-devel for Fedora).
35		38
36	We build our release firejail.tar.xz and firejail.deb packages using the following command:	39	We build our release firejail.tar.xz and firejail.deb packages using the
37	$ make distclean && ./configure && make deb	40	following commands:
38		41
		42	make distclean && ./configure && make deb
39		43
40	Maintainer:	44	Maintainer:
41	- netblue30 (netblue30@protonmail.com)	45	- netblue30 (netblue30@protonmail.com)
42		46
43	Committers	47	Committers:
44	- chiraag-nataraj (https://github.com/chiraag-nataraj)	48	- chiraag-nataraj (https://github.com/chiraag-nataraj)
45	- crass (https://github.com/crass)	49	- crass (https://github.com/crass)
46	- ChrysoliteAzalea (https://github.com/ChrysoliteAzalea)	50	- ChrysoliteAzalea (https://github.com/ChrysoliteAzalea)
@@ -55,15 +59,16 @@ Committers
55	- rusty-snake (https://github.com/rusty-snake)	59	- rusty-snake (https://github.com/rusty-snake)
56	- smitsohu (https://github.com/smitsohu)	60	- smitsohu (https://github.com/smitsohu)
57	- SkewedZeppelin (https://github.com/SkewedZeppelin)	61	- SkewedZeppelin (https://github.com/SkewedZeppelin)
58	- startx2017 (https://github.com/startx2017) - LTS and *bugfixes branches maintainer)	62	- startx2017 (https://github.com/startx2017) - LTS and *bugfixes branches
		63	maintainer)
59	- Topi Miettinen (https://github.com/topimiettinen)	64	- Topi Miettinen (https://github.com/topimiettinen)
60	- veloute (https://github.com/veloute)	65	- veloute (https://github.com/veloute)
61	- Vincent43 (https://github.com/Vincent43)	66	- Vincent43 (https://github.com/Vincent43)
62	- netblue30 (netblue30@protonmail.com)	67	- netblue30 (netblue30@protonmail.com)
63		68
		69	---
64		70
65		71	Firejail Authors (alphabetical order):
66	Firejail Authors (alphabetical order)
67		72
68	0x7969 (https://github.com/0x7969)	73	0x7969 (https://github.com/0x7969)
69	- fix wire-desktop.profile	74	- fix wire-desktop.profile
@@ -313,7 +318,8 @@ curiosityseeker (https://github.com/curiosityseeker - new)
313	- updated keypassxc profile	318	- updated keypassxc profile
314	- added syscalls.sh, which determine the necessary syscalls for a program	319	- added syscalls.sh, which determine the necessary syscalls for a program
315	- fixed conky profile	320	- fixed conky profile
316	- thunderbird.profile: harden and enable the rules necessary to make Firefox open links	321	- thunderbird.profile: harden and enable the rules necessary to make
		322	Firefox open links
317	da2x (https://github.com/da2x)	323	da2x (https://github.com/da2x)
318	- matched RPM license tag	324	- matched RPM license tag
319	Daan Bakker (https://github.com/dbakker)	325	Daan Bakker (https://github.com/dbakker)
@@ -358,7 +364,8 @@ Disconnect3d (https://github.com/disconnect3d)
358	dm9pZCAq (https://github.com/dm9pZCAq)	364	dm9pZCAq (https://github.com/dm9pZCAq)
359	- fix for compilation under musl	365	- fix for compilation under musl
360	dmfreemon (https://github.com/dmfreemon)	366	dmfreemon (https://github.com/dmfreemon)
361	- add sandbox name or name of private directory to the window title when xpra is used	367	- add sandbox name or name of private directory to the window title
		368	when xpra is used
362	- handle malloc() failures; use gnu_basename() instead of basenaem()	369	- handle malloc() failures; use gnu_basename() instead of basenaem()
363	Dmitriy Chestnykh (https://github.com/chestnykh)	370	Dmitriy Chestnykh (https://github.com/chestnykh)
364	- add ability to disable user profiles at compile time	371	- add ability to disable user profiles at compile time
@@ -1030,7 +1037,8 @@ soredake (https://github.com/soredake)
1030	- add localtime to private-etc to make qtox show correct time	1037	- add localtime to private-etc to make qtox show correct time
1031	- fixes for the keepassxc 2.2.5 version	1038	- fixes for the keepassxc 2.2.5 version
1032	SkewedZeppelin (https://github.com/SkewedZeppelin)	1039	SkewedZeppelin (https://github.com/SkewedZeppelin)
1033	- added Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5 profiles	1040	- added Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI,
		1041	Lollypop, MultiMC5 profiles
1034	- added PDFSam, Pithos, and Xonotic profiles	1042	- added PDFSam, Pithos, and Xonotic profiles
1035	- disabled Go, Rust, and OpenSSL in disable-devel.conf	1043	- disabled Go, Rust, and OpenSSL in disable-devel.conf
1036	- added dino profile	1044	- added dino profile
@@ -1048,7 +1056,8 @@ SkewedZeppelin (https://github.com/SkewedZeppelin)
1048	- added IntelliJ IDEA and Android Studio profiles	1056	- added IntelliJ IDEA and Android Studio profiles
1049	- added arm profile	1057	- added arm profile
1050	- lots of profile improvements/tightening	1058	- lots of profile improvements/tightening
1051	- added apktool, baobab, dex2jar, gitg, hashcat, obs, picard, remmina, sdat2img,	1059	- added apktool, baobab, dex2jar, gitg, hashcat, obs, picard, remmina,
		1060	sdat2img,
1052	soundconverter, sqlitebrowser, and truecraft profiles	1061	soundconverter, sqlitebrowser, and truecraft profiles
1053	- added gnome-twitch profile	1062	- added gnome-twitch profile
1054	- Unified all 341 profiles	1063	- Unified all 341 profiles
@@ -1085,10 +1094,12 @@ SYN-cook (https://github.com/SYN-cook)
1085	- gnome-calculator changes	1094	- gnome-calculator changes
1086	startx2017 (https://github.com/startx2017)	1095	startx2017 (https://github.com/startx2017)
1087	- syscall list update	1096	- syscall list update
1088	- updated default seccomp filters - added bpf, clock_settime, personality, process_vm_writev, query_module,	1097	- updated default seccomp filters - added bpf, clock_settime,
1089	settimeofday, stime, umount, userfaultfd, ustat, vm86, and vm86old	1098	personality, process_vm_writev, query_module, settimeofday, stime,
		1099	umount, userfaultfd, ustat, vm86, and vm86old
1090	- enable/disable join support in /etc/firejail/firejail.config	1100	- enable/disable join support in /etc/firejail/firejail.config
1091	- firecfg fix: create ~/.local/share/applications directory if it doesn't exist	1101	- firecfg fix: create ~/.local/share/applications directory if it
		1102	doesn't exist
1092	- firejail.config cleanup	1103	- firejail.config cleanup
1093	- --quiet fixes	1104	- --quiet fixes
1094	- bugfixes branches maintainer	1105	- bugfixes branches maintainer
@@ -1250,10 +1261,9 @@ Zack Weinberg (https://github.com/zackw)
1250	- wait_for_other function rewrite	1261	- wait_for_other function rewrite
1251	- Xvfb X11 server support	1262	- Xvfb X11 server support
1252	- Xvfb and Xephyr profiles, modified Xpra profile	1263	- Xvfb and Xephyr profiles, modified Xpra profile
1253	- support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes when started	1264	- support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes
1254	with firejail --x11	1265	when started with firejail --x11
1255	- support for xpra-extra-params in firejail.config	1266	- support for xpra-extra-params in firejail.config
1256
1257	zupatisc (https://github.com/zupatisc)	1267	zupatisc (https://github.com/zupatisc)
1258	- patch-util fix	1268	- patch-util fix
1259		1269