aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAge
* testingLibravatar netblue302017-09-05
|
* fix caps.keep/dac-overwriteLibravatar startx20172017-09-05
|
* "module" is already included in "privileged"Libravatar smitsohu2017-09-04
|
* fix #1522Libravatar netblue302017-09-03
|
* merge yandex browserLibravatar netblue302017-09-02
|
* --profile.print optionLibravatar netblue302017-09-02
|
* Improve seccomp support for non-x86 architecturesLibravatar Topi Miettinen2017-09-02
|
* Workaround for build problems, but correct problem this timeLibravatar Topi Miettinen2017-09-02
|
* Workaround for build problems on arm64, s390x and sparc64Libravatar Topi Miettinen2017-09-01
|
* Improve cross-platform buildLibravatar Topi Miettinen2017-08-30
|
* removed zsh from travis test suite, fixed handling of /dev/shm whitelist for ↵Libravatar netblue302017-08-30
| | | | Debian wheezy and Ubuntu 14.04
* fix seccomp secondary filter printing on i386 platformLibravatar netblue302017-08-30
|
* tentative fix for Debian cross-platform buildLibravatar netblue302017-08-30
|
* pidstr needs 11 bytes (10 + NULL)Libravatar Reiner Herrmann2017-08-29
| | | | | | | | | | | | | also use %d because index is signed int. Found by compiler: netstats.c:165:23: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=] snprintf(pidstr, 10, "%u", index); ^~~~ In file included from /usr/include/stdio.h:938:0, from firemon.h:24, from netstats.c:20: /usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note: ‘__builtin___snprintf_chk’ output between 2 and 11 bytes into a destination of size 10
* Fix pointer dereferenceLibravatar Reiner Herrmann2017-08-29
| | | | | | | Found by compiler: fs_bin.c:108:14: warning: comparison between pointer and zero character constant [-Wpointer-compare] if (++fname == '\0') ^~
* cleanupLibravatar netblue302017-08-27
|
* --private-bin: restrict full paths to the directories in the listLibravatar netblue302017-08-27
|
* Allow private-bin parameters to be an absolute pathLibravatar LaurentGH2017-08-24
| | | With Ubuntu 16.04, /usr/bin/which is a symlink to /bin/which. So, using "private-bin which" finds "which" in /usr/bin and adds the symlink to "which" in /bin mapped directory. The /bin directory thus contains a symlink named "which" pointing to "/bin/which" (itself). This creates a symlink loop, and does not work. In order to solve this, the full path can now be used, such as "private-bin /bin/which".
* fix compiling when seccomp is disabledLibravatar Reiner Herrmann2017-08-23
|
* man pageLibravatar netblue302017-08-23
|
* enforce seccompLibravatar netblue302017-08-23
|
* fix seccomp.keep for #1490Libravatar netblue302017-08-23
|
* Merge pull request #1488 from SpotComms/mfLibravatar netblue302017-08-23
|\ | | | | Various changes
| * Add a profile for NeverballLibravatar Tad2017-08-22
| |
* | cleanupLibravatar netblue302017-08-23
| |
* | seccomp: fix errnoLibravatar netblue302017-08-22
|/
* compile fixesLibravatar netblue302017-08-21
|
* enhancement: print all seccomp filters under --debugLibravatar netblue302017-08-20
|
* Feature: switch/config option to block secondary architecturesLibravatar Topi Miettinen2017-08-19
| | | | | | | | | Add a feature for a new (opt-in) command line switch and config file option to block secondary architectures entirely. Also block changing Linux execution domain with personality() system call for the primary architecture. Closes #1479
* testingLibravatar netblue302017-08-19
|
* create /usr/local for firecfg if the directory doesn't existLibravatar netblue302017-08-19
|
* Postpone installation of seccomp filters just before execveLibravatar Topi Miettinen2017-08-19
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar netblue302017-08-18
|\
| * new MuseScore profile (#1477)Libravatar smitsohu2017-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * add musescore profile * blacklist musescore * add musescore * add musescore * add tuxguitar, musescore * add tuxguitar, musescore
* | seccomp testingLibravatar netblue302017-08-18
|/
* Minor manpage correctionLibravatar Reiner Herrmann2017-08-18
|
* memory-deny-write-execute testingLibravatar netblue302017-08-18
|
* private-libLibravatar netblue302017-08-17
|
* memory-deny-write-executeLibravatar netblue302017-08-17
|
* --net=none documentationLibravatar netblue302017-08-17
|
* fix x11 display reporting in firemon and firetools for sessions joining an ↵Libravatar netblue302017-08-15
| | | | existing x11 sandbox
* compile cleanupLibravatar startx20172017-08-15
|
* fix #1462Libravatar startx20172017-08-15
|
* update RELNOTES/Readme.md/--help; man page update for #1439Libravatar startx20172017-08-14
|
* Fix compile with older kernel headersLibravatar Topi Miettinen2017-08-13
|
* Fix copy-pasteLibravatar Topi Miettinen2017-08-13
|
* Allow any syscall to be blacklisted (#1447)Libravatar Topi Miettinen2017-08-13
| | | | | | | Allow any syscall to be blacklisted with aid of LD_PRELOAD library, libpostexecseccomp.so. Closes: #1447
* modif: --output split in two commands, --output and --output-stderr; fix for ↵Libravatar netblue302017-08-13
| | | | #1458
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar netblue302017-08-12
|\
| * Enable system call groups with minus signLibravatar Topi Miettinen2017-08-12
| |
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 16:52:32 +0000