| Commit message (Collapse) | Author | Age | ||
|---|---|---|---|---|
| ... | ||||
| * | fix chroot with mounted resolv.conf |  smitsohu | 2019-10-13 | |
| | | ||||
| * | x11 hardening | smitsohu | 2019-10-13 | |
| | | ||||
| * | kalgebra.profile, kalgebramobile.profile |  rusty-snake | 2019-10-12 | |
| | | ||||
| * | x11 xorg: blacklist non-default Xauthority file | smitsohu | 2019-10-08 | |
| | | | | fixes #1652 | |||
| * | add x11 xorg option to HAS_X11 conditional - #2205 | smitsohu | 2019-10-08 | |
| | | ||||
| * | add HAS_X11 conditional, disconnect session manager - #2205 | smitsohu | 2019-10-08 | |
| | | ||||
| * | little tweaks | smitsohu | 2019-10-08 | |
| | | ||||
| * | Merge pull request #2982 from smitsohu/chroot |  netblue30 | 2019-10-04 | |
| |\ | | | | | Move chroot entirely from path based to file descriptor based mounts | |||
| | * | improve enforce_filters warning | smitsohu | 2019-10-01 | |
| | | | | | | | added an additional newline in order to keep it visually separate from other unrelated error messages | |||
| | * | simplify chroot option parsing | smitsohu | 2019-10-01 | |
| | | | | | | | | | this is a partial revert, back to the original code | |||
| | * | base checks and mounts on same file descriptor | smitsohu | 2019-10-01 | |
| | | | ||||
| | * | improve variable names | smitsohu | 2019-09-29 | |
| | | | ||||
| | * | chroot module | smitsohu | 2019-09-29 | |
| | | | ||||
| | * | move chroot from path based to file descriptor based mounts | smitsohu | 2019-09-29 | |
| | | | ||||
| * | | fix the fix | smitsohu | 2019-10-04 | |
| | | | | | | | | | | | | | cf. previous commit 34e5ad65b238b698c55e4921c9ac9294e6548cc7 line buffered output is what we really want | |||
| * | | alphabetize man page entries | smitsohu | 2019-10-04 | |
| | | | ||||
| * | | fix concurrent writing to trace file | smitsohu | 2019-10-04 | |
| | | | ||||
| * | | break out of libtrace file open loop | smitsohu | 2019-10-04 | |
| | | | ||||
| * | | commented out some debug code in libtrace | netblue30 | 2019-09-29 | |
| | | | ||||
| * | | increase socket buffer size for firemon, bug #2700 | netblue30 | 2019-09-29 | |
| |/ | ||||
| * | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2019-09-22 | |
| |\ | ||||
| | * | Create pngquant.profile | rusty-snake | 2019-09-21 | |
| | | | ||||
| | * | Create gnome-latex.profile | rusty-snake | 2019-09-20 | |
| | | | ||||
| * | | minor optimization | smitsohu | 2019-09-22 | |
| | | | ||||
| * | | prevent trace from interfering with sandbox setup | smitsohu | 2019-09-22 | |
| | | | ||||
| * | | various clarifications, minor fixes | smitsohu | 2019-09-22 | |
| |/ | ||||
| * | break out fs_tracefile function | smitsohu | 2019-09-18 | |
| | | ||||
| * | fix the fix: tune file copy limit width | smitsohu | 2019-09-17 | |
| | | ||||
| * | fail gracefully if argc is zero | smitsohu | 2019-09-17 | |
| | | ||||
| * | add trace file validation | smitsohu | 2019-09-17 | |
| | | ||||
| * | move to fd based trace file mount | smitsohu | 2019-09-17 | |
| | | ||||
| * | Merge branch 'master' into fix-profile-builder | netblue30 | 2019-09-15 | |
| |\ | ||||
| | * | update seccomp in man firejail | rusty-snake | 2019-09-13 | |
| | | | ||||
| | * | libtrace cleanup | netblue30 | 2019-09-10 | |
| | | | ||||
| | * | Add ar profile (#2949) |  glitsj16 | 2019-09-08 | |
| | | | | | | | | | | | | | * Add ar to firecfg * Create ar.profile | |||
| | * | fix FIREJAIL_FILE_COPY_LIMIT larger than 2GB | smitsohu | 2019-09-05 | |
| | | | ||||
| | * | Revert changes in #2928 to seccomp group @default |  Topi Miettinen | 2019-09-04 | |
| | | | | | | | | | | | Reconstruct @default by not relying on the changed system call groups @privileged and @resources. | |||
| * | | Make sure that we are unprivileged before creating the trace log file. |  Glenn Washburn | 2019-08-29 | |
| | | | ||||
| * | | When running builder trace output should go to separate file because (1) ↵ | Glenn Washburn | 2019-08-29 | |
| | | | | | | | | | trace output is logged to console, which is a pain to capture, and (2) it should not be mingled with program output anyway, which it was when sending to stdout. | |||
| * | | Update man page to note that --trace can now take an optional parameter. | Glenn Washburn | 2019-08-29 | |
| | | | ||||
| * | | Allow firejail --trace option to take an optional parameter which is the ↵ | Glenn Washburn | 2019-08-29 | |
| | | | | | | | | | trace log file path. The trace log file will be created if it does not exist and then bind mounted to RUN_TRACE_FILE so that the sandboxed program can access it. | |||
| * | | Allow libtrace preload library to use for trace output a logfile specified ↵ | Glenn Washburn | 2019-08-29 | |
| | | | | | | | | | by the environment variable FIREJAIL_TRACEFILE or as the RUN_TRACE_FILE if it exists ortherwise use the console as before. | |||
| * | | Fix issue where strace output file path has leading space making it an ↵ | Glenn Washburn | 2019-08-29 | |
| | | | | | | | | | invalid path. | |||
| * | | Better debug handling. | Glenn Washburn | 2019-08-29 | |
| | | | ||||
| * | | Profile builder helper should use correct firejail binary path. | Glenn Washburn | 2019-08-29 | |
| |/ | ||||
| * | Merge pull request #2928 from topimiettinen/seccomp-more-groups | netblue30 | 2019-08-29 | |
| |\ | | | | | Add further seccomp groups | |||
| | * | Add further seccomp groups | Topi Miettinen | 2019-08-28 | |
| | | | | | | | | | Get further seccomp group definitions from systemd. | |||
| * | | fix previous merge | netblue30 | 2019-08-29 | |
| | | | ||||
| * | | Merge branch 'master' into seccomp-allow-exceptions | netblue30 | 2019-08-29 | |
| |\ \ | ||||
| | * | | seccomp fix: allow numeric syscalls |  aoand | 2019-08-26 | |
| | |/ | | | | | | | as per man page, numeric syscall is indicated by the dollar sign '$' | |||
 |
index : firejail | |
| Mirror of https://github.com/netblue30/firejail | Firejail Authors |
| aboutsummaryrefslogtreecommitdiffstats |