aboutsummaryrefslogtreecommitdiffstats
path: root/src/man/firejail-config.txt
diff options
context:
space:
mode:
Diffstat (limited to 'src/man/firejail-config.txt')
-rw-r--r--src/man/firejail-config.txt19
1 files changed, 11 insertions, 8 deletions
diff --git a/src/man/firejail-config.txt b/src/man/firejail-config.txt
index 026765f1a..6a66c7f75 100644
--- a/src/man/firejail-config.txt
+++ b/src/man/firejail-config.txt
@@ -26,6 +26,13 @@ Enable or disable chroot support, default enabled.
26Enable or disable file transfer support, default enabled. 26Enable or disable file transfer support, default enabled.
27 27
28.TP 28.TP
29\fBforce-nonewprivs
30Force use of nonewprivs. This mitigates the possibility of
31a user abusing firejail's features to trick a privileged (suid
32or file capabilities) process into loading code or configuration
33that is partially under their control. Default disabled.
34
35.TP
29\fBnetwork 36\fBnetwork
30Enable or disable networking features, default enabled. 37Enable or disable networking features, default enabled.
31 38
@@ -45,16 +52,12 @@ Enable or disable seccomp support, default enabled.
45Enable or disable user namespace support, default enabled. 52Enable or disable user namespace support, default enabled.
46 53
47.TP 54.TP
48\fBx11 55\fBwhitelist
49Enable or disable X11 sandboxing support, default enabled. 56Enable or disable whitelisting support, default enabled.
50 57
51.TP 58.TP
52\fBforce-nonewprivs 59\fBx11
53Force use of nonewprivs. This mitigates the possibility of 60Enable or disable X11 sandboxing support, default enabled.
54a user abusing firejail's features to trick a privileged (suid
55or file capabilities) process into loading code or configuration
56that is partially under their control. Default disabled.
57
58 61
59.TP 62.TP
60\fBxephyr-screen 63\fBxephyr-screen
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 23:11:28 +0000