Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Simple implementation of noblacklist command. | sarneaud | 2015-09-01 |
| | |||
* | Clean up some fragile uses of strncmp. | sarneaud | 2015-09-01 |
| | | | | | | | In some places the code compares the first n characters of a string and then assumes a valid string starts from the n+2th character. I didn't find any places where this wasn't justifiable, but I think it's better to stick to safer patterns, especially in SUID code. | ||
* | using /etc/firejail/server.profile as default profile if the sandbox is ↵ | netblue30 | 2015-08-31 |
| | | | | started by root | ||
* | admin work | netblue30 | 2015-08-30 |
| | |||
* | Merge pull request #48 from sarneaud/glob | netblue30 | 2015-08-30 |
|\ | | | | | Rewrite globbing code to fix various minor issues | ||
| * | Rewrite globbing code to fix various minor issues | sarneaud | 2015-08-29 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Plug a memory leak. * Remove the short-circuit. (This breaks when someone uses [] or ? patterns without using *. I figure it's best to use the principle of least surprise and just let the system glob() implementation do what it does.) * Stop sorting results. I've also replaced a lot of disable-history.inc with a glob pattern. Now it catches files like .sqlite_history and whatever the user runs under rlwrap. | ||
* | | fixing manpages | netblue30 | 2015-08-30 |
|/ | |||
* | more fixes for blacklist on Arch systems | netblue30 | 2015-08-28 |
| | |||
* | don't blacklist directory links, print a warning | netblue30 | 2015-08-28 |
| | |||
* | fix firejail-in-firejail again | netblue30 | 2015-08-28 |
| | |||
* | cleanup unfinished features | netblue30 | 2015-08-28 |
| | |||
* | firejail-in-firejail fixes | netblue30 | 2015-08-28 |
| | |||
* | fixes | netblue30 | 2015-08-27 |
| | |||
* | cleanup | netblue30 | 2015-08-27 |
| | |||
* | testing | netblue30 | 2015-08-27 |
| | |||
* | Use generic.profile by default: fixes | iiotx | 2015-08-27 |
| | |||
* | Use generic.profile by default | iiotx | 2015-08-26 |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | netblue30 | 2015-08-26 |
|\ | |||
| * | Fix typo in usage.c | Peter Millerchip | 2015-08-24 |
| | | |||
* | | Fixed overlay on Arch linux; minor cleanups | netblue30 | 2015-08-26 |
|/ | |||
* | added --env option | netblue30 | 2015-08-24 |
| | |||
* | Merge pull request #42 from pmillerchip/expand-home | netblue30 | 2015-08-23 |
|\ | | | | | Implement the expand_home util function | ||
| * | Implement the expand_home util function | Peter Millerchip | 2015-08-22 |
| | | |||
* | | Merge pull request #41 from pmillerchip/fatal-warnings | netblue30 | 2015-08-23 |
|\ \ | | | | | | | Support --enable-fatal-warnings in all Makefiles | ||
| * | | Support --enable-fatal-warnings in all Makefiles | Peter Millerchip | 2015-08-22 |
| | | | |||
* | | | if a sandbox is already running, the program is started directly | netblue30 | 2015-08-23 |
| |/ |/| | |||
* | | support net none in profile files | netblue30 | 2015-08-22 |
|/ | |||
* | added --enable-fatal-warnings | netblue30 | 2015-08-21 |
| | |||
* | Fix arguments passed to child process during execvp in --shell=none mode | Peter Millerchip | 2015-08-20 |
| | |||
* | remove warnings form src/lib/Makefile.in | netblue30 | 2015-08-20 |
| | |||
* | Compile with -W -Wall -Werror | Peter Millerchip | 2015-08-20 |
| | |||
* | Merge pull request #33 from pmillerchip/filenames-with-spaces | netblue30 | 2015-08-19 |
|\ | | | | | Support filenames with spaces in the blacklist option | ||
| * | Support filenames with spaces in the blacklist option | Peter Millerchip | 2015-08-19 |
| | | |||
* | | moved bash completion files under src | netblue30 | 2015-08-18 |
|/ | |||
* | Support ~ in blacklist and profile includes | Peter Millerchip | 2015-08-18 |
| | |||
* | removed mknod from default seccomp filter, some software packages are using ↵ | netblue30 | 2015-08-16 |
| | | | | named pipes created with mknod | ||
* | moved warning under --debug option | netblue30 | 2015-08-16 |
| | |||
* | Merge pull request #29 from pmillerchip/symlink-fixes | netblue30 | 2015-08-16 |
|\ | | | | | Replace get_link with realpath | ||
| * | Replace get_link with realpath | Peter Millerchip | 2015-08-16 |
| | | |||
* | | --overlay rework, adding a persistent directory; implemented --overlay-tmpfs ↵ | netblue30 | 2015-08-16 |
|/ | | | | option | ||
* | Merge pull request #28 from mhaas/fix-some-compiler-warnings | netblue30 | 2015-08-16 |
|\ | | | | | Fix some compiler warnings | ||
| * | Fix comparison between unsigned and signed | Michael Haas | 2015-08-16 |
| | | |||
| * | Remove unused variables | Michael Haas | 2015-08-16 |
| | | |||
| * | Fix typo: viod -> void | Michael Haas | 2015-08-16 |
| | | |||
* | | Merge pull request #27 from mhaas/fix-typos-in-man | netblue30 | 2015-08-16 |
|\ \ | | | | | | | Fix typos in firejail and firejail-profile man | ||
| * | | Fix typos in firejail and firejail-profile man | Michael Haas | 2015-08-16 |
| |/ | | | | | | | Signed-off-By: Michael Haas <haas@computerlinguist.org> | ||
* / | Call realpath to resolve symlinks correctly in disable_file | Peter Millerchip | 2015-08-15 |
|/ | |||
* | Merge pull request #21 from pmillerchip/private-home | netblue30 | 2015-08-14 |
|\ | | | | | Implement the --private-home option | ||
| * | Implement the --private-home option as an alternative name for --private.keep | Peter Millerchip | 2015-08-13 |
| | | |||
* | | Fix typos in firejail-profile manpage | Peter Millerchip | 2015-08-13 |
|/ |