Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | mdwx: block memfd_create | Topi Miettinen | 2019-03-05 |
| | | | | | Some profiles may need adjusting if app uses memfd_create(2) and memory-deny-write-execute was enabled. | ||
* | Sort items alphabetically in man firejail (#2479) | glitsj16 | 2019-02-26 |
| | |||
* | documentation update | smitsohu | 2019-02-23 |
| | |||
* | Add machine-id note to man firejail (#2442) | glitsj16 | 2019-02-21 |
| | |||
* | Stress apparmor local overrides | glitsj16 | 2019-02-05 |
| | | | As per discussion on https://github.com/netblue30/firejail/pull/2390, we better use slightly stronger/less optional wording when it comes to where local apparmor overrides need to be done. | ||
* | --name rework | netblue30 | 2019-02-01 |
| | |||
* | removed mincore syscall from default seccomp filter | netblue30 | 2019-01-23 |
| | |||
* | adding mincore syscall to the default seccomp filter and some independent ↵ | netblue30 | 2019-01-14 |
| | | | | profiles | ||
* | Merge pull request #2297 from smitsohu/patch | startx2017 | 2018-12-17 |
|\ | | | | | enforce nonewprivs instead of seccomp for chroot sandboxes | ||
| * | enforce nonewprivs instead of seccomp for chroot sandboxes | smitsohu | 2018-12-15 |
| | | | | | | | | | | currently users are able to specify a seccomp filter of their choosing, leaving the real defense to nonewprivs anyway. | ||
* | | fix netstats typo in man firejail | glitsj16 | 2018-12-16 |
|/ | |||
* | add HAS_NODBUS conditional, ${RUNUSER} makro | smitsohu | 2018-12-07 |
| | |||
* | Merge pull request #2276 from smitsohu/tmpfs | netblue30 | 2018-11-28 |
|\ | | | | | refactor private-cache and tmpfs | ||
| * | refactor private-cache and tmpfs | smitsohu | 2018-11-26 |
| | | | | | | | | | | | | has the immediate benefit that the result of combining --noexec and --tmpfs does not depend on the sequence of the options | ||
* | | firecfg: small tweaks, fixes, man page update | smitsohu | 2018-11-27 |
| | | |||
* | | man page typo | smitsohu | 2018-11-27 |
|/ | |||
* | Misc. typos | luz.paz | 2018-11-19 |
| | | | Found using `codespell -q 3 -L shotcut,objext,als,ans,creat,varius,chage,tthe` | ||
* | Add better documentation for "-c" option. | Glenn Washburn | 2018-11-18 |
| | |||
* | Allow prefixing colon to profile argument of --profile to for a profile ↵ | Glenn Washburn | 2018-11-09 |
| | | | | search, and disallow a directory to match as a profile file. | ||
* | Add new config option to disable U2F in browsers, enabled by default | Tad | 2018-11-05 |
| | |||
* | adding --net.print command line option | netblue30 | 2018-10-29 |
| | |||
* | Fix doc: A more accurate example of profile loading by profile name. | Glenn Washburn | 2018-10-17 |
| | |||
* | Fix docs on default seccomp list: change mfsservctl -> nfsservctl and ↵ | Glenn Washburn | 2018-10-17 |
| | | | | reorder, add ni_syscall, remove duplicate process_vm_writev, add sys_debug_setcontext. | ||
* | Update profile manpage to detail added "include" functionality. | Glenn Washburn | 2018-10-17 |
| | |||
* | Merge pull request #2158 from crass/profile_conditional | crass | 2018-10-17 |
|\ | | | | | #2158: Add support for rudimentary conditionals in profiles | ||
| * | Update documentation for profile conditionals. | Glenn Washburn | 2018-10-16 |
| | | |||
* | | manpages: update disable-mnt description | Vincent43 | 2018-10-16 |
|/ | | | This will better match current code. | ||
* | Update man pages and usage to reflect --profile enhancement. | Glenn Washburn | 2018-10-15 |
| | |||
* | manpage cleanup | netblue30 | 2018-09-26 |
| | |||
* | manpages: fix apparmor profile path | Vincent43 | 2018-09-22 |
| | |||
* | manpages: fix alignment | Vincent43 | 2018-09-22 |
| | |||
* | manpages: update AppArmor info | Vincent43 | 2018-09-22 |
| | |||
* | support for firetunnel utility | netblue30 | 2018-09-09 |
| | |||
* | --chroot fixes (Debian problem) | netblue30 | 2018-09-01 |
| | |||
* | fix and harden overlay options | smitsohu | 2018-08-28 |
| | |||
* | allow system users to run the sandbox | netblue30 | 2018-08-26 |
| | |||
* | man: fix example for --build command | Reiner Herrmann | 2018-08-19 |
| | |||
* | Replace all possible HTTP links with HTTPS | Tad | 2018-08-08 |
| | |||
* | --ignore cleanup | startx2017 | 2018-08-04 |
| | |||
* | tunneling support - tap interface in --net option | netblue30 | 2018-07-11 |
| | |||
* | Add documentation for keep-dev-shm option | ಚಿರಾಗ್ ನಟರಾಜ್ | 2018-07-09 |
| | |||
* | --netmask option | netblue30 | 2018-07-06 |
| | |||
* | Merges + misc fixes | Tad | 2018-07-04 |
| | | | | | | | | - Change some links in README to HTTPS - Fixup some typos in firejail-profile manpage - Cleanup dash from private-etc - Fixup gradio - Synchronize server profile with default profile | ||
* | Revert "mounting a tmpfs on ~/.cache directory (private-cache) by default" | Tad | 2018-06-14 |
| | | | | This reverts commit caa7ad8714206a158123773ddcaca6ef219a5501. | ||
* | Change --nousb to --nou2f per suggestion on last commit. | Chiraag Nataraj | 2018-06-12 |
| | |||
* | Add --nousb option | Chiraag Nataraj | 2018-06-12 |
| | |||
* | mounting a tmpfs on ~/.cache directory (private-cache) by default | netblue30 | 2018-06-12 |
| | |||
* | update man page (private-cache) | smitsohu | 2018-06-12 |
| | |||
* | wireless support | netblue30 | 2018-06-09 |
| | |||
* | support wireless interfaces for --net | netblue30 | 2018-06-09 |
| |