Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | merge #1100 from zackw: follow link support in --private-bin | netblue30 | 2017-02-15 |
| | |||
* | merge #1100 from zackw: fcopy rework, --follow-link support in fcopy | netblue30 | 2017-02-15 |
| | |||
* | cleanup | netblue30 | 2017-02-15 |
| | |||
* | merge #1100 from zackw: rework X11 xorg processing - this is a partial merge | netblue30 | 2017-02-15 |
| | |||
* | merge #1100 from zackw: rework X11 display number assignment | netblue30 | 2017-02-15 |
| | |||
* | merge #1100 from zackw: rework abstract X11 socket detection | netblue30 | 2017-02-15 |
| | |||
* | merge #1100 from zackw: rework xpra and xephyr detection | netblue30 | 2017-02-15 |
| | |||
* | merge #1100 from zackw: rework DISPLAY environment parsing, rework masking ↵ | netblue30 | 2017-02-14 |
| | | | | X11 sockets in /tmp/.X11-unix directory | ||
* | compile cleanup | netblue30 | 2017-02-14 |
| | |||
* | merge #1100 from zackw: fix ugly memeory corruption in noblacklist processing | netblue30 | 2017-02-14 |
| | |||
* | merge #1100 from zackw: removed libconnect | netblue30 | 2017-02-14 |
| | |||
* | force-nonewprivs fix for /etc/firejail/firejail.config | netblue30 | 2017-02-12 |
| | |||
* | follow-symlink-as-user runtime config option in /etc/firejail/firejail.config | netblue30 | 2017-02-12 |
| | |||
* | firecfg.config fix | netblue30 | 2017-02-12 |
| | |||
* | copyright 2017 | netblue30 | 2017-02-11 |
| | |||
* | copyright 2017 | netblue30 | 2017-02-11 |
| | |||
* | adding macro for include command in profile files | netblue30 | 2017-02-09 |
| | |||
* | firemon fix | netblue30 | 2017-02-07 |
| | |||
* | --git-install: default disabled in ./configure script | netblue30 | 2017-02-07 |
| | |||
* | disable --git-install at compile time | netblue30 | 2017-02-05 |
| | |||
* | enable strict seccomp filter on overlay options | netblue30 | 2017-02-05 |
| | |||
* | --git-install/--git-uninstall | netblue30 | 2017-02-05 |
| | |||
* | --git-install | netblue30 | 2017-02-04 |
| | |||
* | --git-install | netblue30 | 2017-02-04 |
| | |||
* | git-install | netblue30 | 2017-02-04 |
| | |||
* | quiet fix | netblue30 | 2017-02-04 |
| | |||
* | --writable-var-log | netblue30 | 2017-01-30 |
| | |||
* | --quiet fix | netblue30 | 2017-01-30 |
| | |||
* | merges | netblue30 | 2017-01-29 |
| | |||
* | fixing --hosts-file privelege check | Igor Bukanov | 2017-01-29 |
| | | | | | | Currently the code uses the access() call to check if the user has an access to a file that is copied into the root as /etc/hosts. This inevitably adds a race when the user changes the file to a symbolic link pointing to an arbitrary location on the filsystem after the access check is done but before opening the file to copy it. This potentially allows to read any file on the system. To close this the code adds a utility copy_file_from_user_to_root . It opens the copy destination file as root and then forks/drop privileges. Then as a user the utility opens the source file and do the copy into the destination descriptor that is preserved accross the fork. | ||
* | support allow-private-blacklist in profile files | netblue30 | 2017-01-28 |
| | |||
* | fixed access for --hosts-file | netblue30 | 2017-01-23 |
| | |||
* | bash completion for --hosts-file | netblue30 | 2017-01-22 |
| | |||
* | --hosts-file option | netblue30 | 2017-01-22 |
| | |||
* | Add support for joining a persistent, named network namespace. | Zack Weinberg | 2017-01-20 |
| | |||
* | firejail/fs.c: include sys/wait.h for declaration of waitpid | Zack Weinberg | 2017-01-20 |
| | |||
* | man page fix | netblue30 | 2017-01-20 |
| | |||
* | fix PulseAudio/machine-id problem | netblue30 | 2017-01-18 |
| | |||
* | fix ASSERT_PERMS_FD macro | netblue30 | 2017-01-14 |
| | |||
* | local customization | netblue30 | 2017-01-14 |
| | |||
* | nvidia fix | netblue30 | 2017-01-13 |
| | |||
* | cleanup | netblue30 | 2017-01-12 |
| | |||
* | Gentoo compile fix | netblue30 | 2017-01-12 |
| | |||
* | copy_file cleanup | netblue30 | 2017-01-11 |
| | |||
* | fix | netblue30 | 2017-01-11 |
| | |||
* | temoprary fix for local profile feature | netblue30 | 2017-01-11 |
| | |||
* | chroot tightening | netblue30 | 2017-01-10 |
| | |||
* | copy_file cleanup | netblue30 | 2017-01-10 |
| | |||
* | security fix | netblue30 | 2017-01-10 |
| | |||
* | security fix | netblue30 | 2017-01-06 |
| |