Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Update spec file | Jon Griffiths | 2016-02-16 |
| | |||
* | centos6 fix | netblue30 | 2016-02-15 |
| | |||
* | manpage fix | netblue30 | 2016-02-14 |
| | |||
* | merged building on systems without bash from manevich | netblue30 | 2016-02-14 |
| | |||
* | merged building on systems without bash from manevich | netblue30 | 2016-02-14 |
| | |||
* | q | netblue30 | 2016-02-14 |
|\ | | | | | | | Merge branch 'master' of https://github.com/netblue30/firejail | ||
| * | Merge pull request #293 from reinerh/master | netblue30 | 2016-02-14 |
| |\ | | | | | | | Fix memory leak | ||
| | * | Fix memory leak | Reiner Herrmann | 2016-02-13 |
| | | | |||
* | | | merge | netblue30 | 2016-02-14 |
| | | | |||
* | | | merge | netblue30 | 2016-02-14 |
|/ / | |||
* | | small fixes | netblue30 | 2016-02-14 |
| | | |||
* | | --trace fix | netblue30 | 2016-02-13 |
| | | |||
* | | --trace fix | netblue30 | 2016-02-13 |
|/ | |||
* | remove konsole blacklist | netblue30 | 2016-02-12 |
| | |||
* | added lxterminal profile | netblue30 | 2016-02-12 |
| | |||
* | split out terminal blacklisting in disable-terminals.inc | netblue30 | 2016-02-12 |
| | |||
* | seccomp fixes | netblue30 | 2016-02-12 |
| | |||
* | set sandbox nice value | netblue30 | 2016-02-11 |
| | |||
* | fix problem with relative path in storage_find function | netblue30 | 2016-02-10 |
| | |||
* | Merge pull request #289 from manevich/patch-2 | netblue30 | 2016-02-10 |
|\ | | | | | Fix problem with relative path in storage_find function | ||
| * | Fix problem with relative path in storage_find function | Aleksey Manevich | 2016-02-10 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | storage_find function fails on relative path, so nothing reported to log when blacklisted file accessed by relative path. This is because CWD is NULL when realpath function called. How to reproduce: touch /home/user/somefile firejail --blacklist=somefile --tracelog cat somefile Solution: keep CWD value and set it before calling realpath. In order to do this: * new wrapper for chdir call, and variable to keep CWD added. * storage_find modified to chdir before calling realpath function. * order of storage_find and orig_* calls in syscall wrappers changed, to prevent error set by calls in storage_find leak outside. * condition for calling realpath changed to include double-slash and path without initial slash. | ||
* | | STUN/WebRTC disabled in default netfilter configuration | netblue30 | 2016-02-10 |
| | | |||
* | | STUN/WebRTC disabled in default netfilter configuration | netblue30 | 2016-02-10 |
| | | |||
* | | STUN/WebRTC disabled in default netfilter configuration | netblue30 | 2016-02-10 |
|/ | |||
* | whitelisting ~/.pki in Firefox, Crome/Cromium, Opera | netblue30 | 2016-02-09 |
| | |||
* | fixed man firejail-profile | netblue30 | 2016-02-09 |
| | |||
* | chroot testing | root | 2016-02-09 |
| | |||
* | chroot testing | root | 2016-02-09 |
| | |||
* | isolate command name problem | netblue30 | 2016-02-08 |
| | |||
* | whitelist fix | netblue30 | 2016-02-08 |
| | |||
* | fixed whitelist problem | netblue30 | 2016-02-08 |
| | |||
* | set window title | netblue30 | 2016-02-08 |
| | |||
* | default seccomp filter update | netblue30 | 2016-02-08 |
| | |||
* | default seccomp filter update | netblue30 | 2016-02-08 |
| | |||
* | default seccomp filter update | netblue30 | 2016-02-08 |
| | |||
* | 0.9.38 released0.9.38 | netblue30 | 2016-02-05 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-02 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-02 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-02 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-02 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-02 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-02 |
| | |||
* | 0.9.38 testing | netblue30 | 2016-02-01 |
| | |||
* | deprecated --private-home feature | netblue30 | 2016-02-01 |
| | |||
* | various fixes | netblue30 | 2016-01-31 |
| | |||
* | various fixes | netblue30 | 2016-01-31 |
| | |||
* | fixed ssh login in firejail shell | netblue30 | 2016-01-31 |
| | |||
* | mupen64plus profile | netblue30 | 2016-01-31 |
| | |||
* | Merge pull request #274 from manevich/patch-1 | netblue30 | 2016-01-31 |
|\ | | | | | Make additional vimrc files; .xscreensaver file read only | ||
| * | Make additional vimrc, .xscreensaver files read only | Aleksey Manevich | 2016-01-30 |
| | | | | | | | | Add .gvimrc and _ versions of other files used by vim when no dot-version available. Add .xscreensaver that can be used for arbitrary command execution by setting "textProgram" (instead of default fortune) and screensaver that launches it. |