Commit message (Collapse) | Author | Age | ||
---|---|---|---|---|
... | ||||
* | Fixes for man firejail (#2628) | 2019-03-29 | ||
| | ||||
* | Follow-up on flatpak/snap support (#2601) | 2019-03-16 | ||
| | | | | | | | | | | * Remove obsolete snap support from disable-programs.inc * Remove obsolete snap support from pycharm-community.profile * Update RELNOTES to reflect non-existing/dropped flatpak/snap support * Update firejail.txt to reflect flatpak/snap packages are not supported | |||
* | Update firejail.txt (#2585) | 2019-03-13 | ||
| | ||||
* | mdwx: block memfd_create | 2019-03-05 | ||
| | | | | | Some profiles may need adjusting if app uses memfd_create(2) and memory-deny-write-execute was enabled. | |||
* | Sort items alphabetically in man firejail (#2479) | 2019-02-26 | ||
| | ||||
* | documentation update | 2019-02-23 | ||
| | ||||
* | Add machine-id note to man firejail (#2442) | 2019-02-21 | ||
| | ||||
* | Stress apparmor local overrides | 2019-02-05 | ||
| | | | As per discussion on https://github.com/netblue30/firejail/pull/2390, we better use slightly stronger/less optional wording when it comes to where local apparmor overrides need to be done. | |||
* | --name rework | 2019-02-01 | ||
| | ||||
* | removed mincore syscall from default seccomp filter | 2019-01-23 | ||
| | ||||
* | adding mincore syscall to the default seccomp filter and some independent ↵ | 2019-01-14 | ||
| | | | | profiles | |||
* | Merge pull request #2297 from smitsohu/patch | 2018-12-17 | ||
|\ | | | | | enforce nonewprivs instead of seccomp for chroot sandboxes | |||
| * | enforce nonewprivs instead of seccomp for chroot sandboxes | 2018-12-15 | ||
| | | | | | | | | | | currently users are able to specify a seccomp filter of their choosing, leaving the real defense to nonewprivs anyway. | |||
* | | fix netstats typo in man firejail | 2018-12-16 | ||
|/ | ||||
* | add HAS_NODBUS conditional, ${RUNUSER} makro | 2018-12-07 | ||
| | ||||
* | Merge pull request #2276 from smitsohu/tmpfs | 2018-11-28 | ||
|\ | | | | | refactor private-cache and tmpfs | |||
| * | refactor private-cache and tmpfs | 2018-11-26 | ||
| | | | | | | | | | | | | has the immediate benefit that the result of combining --noexec and --tmpfs does not depend on the sequence of the options | |||
* | | firecfg: small tweaks, fixes, man page update | 2018-11-27 | ||
| | | ||||
* | | man page typo | 2018-11-27 | ||
|/ | ||||
* | Misc. typos | 2018-11-19 | ||
| | | | Found using `codespell -q 3 -L shotcut,objext,als,ans,creat,varius,chage,tthe` | |||
* | Add better documentation for "-c" option. | 2018-11-18 | ||
| | ||||
* | Allow prefixing colon to profile argument of --profile to for a profile ↵ | 2018-11-09 | ||
| | | | | search, and disallow a directory to match as a profile file. | |||
* | Add new config option to disable U2F in browsers, enabled by default | 2018-11-05 | ||
| | ||||
* | adding --net.print command line option | 2018-10-29 | ||
| | ||||
* | Fix doc: A more accurate example of profile loading by profile name. | 2018-10-17 | ||
| | ||||
* | Fix docs on default seccomp list: change mfsservctl -> nfsservctl and ↵ | 2018-10-17 | ||
| | | | | reorder, add ni_syscall, remove duplicate process_vm_writev, add sys_debug_setcontext. | |||
* | Update profile manpage to detail added "include" functionality. | 2018-10-17 | ||
| | ||||
* | Merge pull request #2158 from crass/profile_conditional | 2018-10-17 | ||
|\ | | | | | #2158: Add support for rudimentary conditionals in profiles | |||
| * | Update documentation for profile conditionals. | 2018-10-16 | ||
| | | ||||
* | | manpages: update disable-mnt description | 2018-10-16 | ||
|/ | | | This will better match current code. | |||
* | Update man pages and usage to reflect --profile enhancement. | 2018-10-15 | ||
| | ||||
* | manpage cleanup | 2018-09-26 | ||
| | ||||
* | manpages: fix apparmor profile path | 2018-09-22 | ||
| | ||||
* | manpages: fix alignment | 2018-09-22 | ||
| | ||||
* | manpages: update AppArmor info | 2018-09-22 | ||
| | ||||
* | support for firetunnel utility | 2018-09-09 | ||
| | ||||
* | --chroot fixes (Debian problem) | 2018-09-01 | ||
| | ||||
* | fix and harden overlay options | 2018-08-28 | ||
| | ||||
* | allow system users to run the sandbox | 2018-08-26 | ||
| | ||||
* | man: fix example for --build command | 2018-08-19 | ||
| | ||||
* | Replace all possible HTTP links with HTTPS | 2018-08-08 | ||
| | ||||
* | --ignore cleanup | 2018-08-04 | ||
| | ||||
* | tunneling support - tap interface in --net option | 2018-07-11 | ||
| | ||||
* | Add documentation for keep-dev-shm option | 2018-07-09 | ||
| | ||||
* | --netmask option | 2018-07-06 | ||
| | ||||
* | Merges + misc fixes | 2018-07-04 | ||
| | | | | | | | | - Change some links in README to HTTPS - Fixup some typos in firejail-profile manpage - Cleanup dash from private-etc - Fixup gradio - Synchronize server profile with default profile | |||
* | Revert "mounting a tmpfs on ~/.cache directory (private-cache) by default" | 2018-06-14 | ||
| | | | | This reverts commit caa7ad8714206a158123773ddcaca6ef219a5501. | |||
* | Change --nousb to --nou2f per suggestion on last commit. | 2018-06-12 | ||
| | ||||
* | Add --nousb option | 2018-06-12 | ||
| | ||||
* | mounting a tmpfs on ~/.cache directory (private-cache) by default | 2018-06-12 | ||
| |