aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAge
* --git-install: default disabled in ./configure scriptLibravatar netblue302017-02-07
|
* disable --git-install at compile timeLibravatar netblue302017-02-05
|
* enable strict seccomp filter on overlay optionsLibravatar netblue302017-02-05
|
* --git-install/--git-uninstallLibravatar netblue302017-02-05
|
* --git-installLibravatar netblue302017-02-04
|
* --git-installLibravatar netblue302017-02-04
|
* git-installLibravatar netblue302017-02-04
|
* quiet fixLibravatar netblue302017-02-04
|
* --writable-var-logLibravatar netblue302017-01-30
|
* --quiet fixLibravatar netblue302017-01-30
|
* mergesLibravatar netblue302017-01-29
|
* fixing --hosts-file privelege checkLibravatar Igor Bukanov2017-01-29
| | | | | | Currently the code uses the access() call to check if the user has an access to a file that is copied into the root as /etc/hosts. This inevitably adds a race when the user changes the file to a symbolic link pointing to an arbitrary location on the filsystem after the access check is done but before opening the file to copy it. This potentially allows to read any file on the system. To close this the code adds a utility copy_file_from_user_to_root . It opens the copy destination file as root and then forks/drop privileges. Then as a user the utility opens the source file and do the copy into the destination descriptor that is preserved accross the fork.
* support allow-private-blacklist in profile filesLibravatar netblue302017-01-28
|
* fixed access for --hosts-fileLibravatar netblue302017-01-23
|
* bash completion for --hosts-fileLibravatar netblue302017-01-22
|
* --hosts-file optionLibravatar netblue302017-01-22
|
* Add support for joining a persistent, named network namespace.Libravatar Zack Weinberg2017-01-20
|
* firejail/fs.c: include sys/wait.h for declaration of waitpidLibravatar Zack Weinberg2017-01-20
|
* man page fixLibravatar netblue302017-01-20
|
* fix PulseAudio/machine-id problemLibravatar netblue302017-01-18
|
* fix ASSERT_PERMS_FD macroLibravatar netblue302017-01-14
|
* local customizationLibravatar netblue302017-01-14
|
* nvidia fixLibravatar netblue302017-01-13
|
* cleanupLibravatar netblue302017-01-12
|
* Gentoo compile fixLibravatar netblue302017-01-12
|
* copy_file cleanupLibravatar netblue302017-01-11
|
* fixLibravatar netblue302017-01-11
|
* temoprary fix for local profile featureLibravatar netblue302017-01-11
|
* chroot tighteningLibravatar netblue302017-01-10
|
* copy_file cleanupLibravatar netblue302017-01-10
|
* security fixLibravatar netblue302017-01-10
|
* security fixLibravatar netblue302017-01-06
|
* security fixLibravatar netblue302017-01-06
|
* security fixesLibravatar netblue302017-01-04
|
* security fixLibravatar netblue302017-01-04
|
* allow non-seccomp setup for OverlayFS sandboxesLibravatar netblue302017-01-04
|
* gpg fixesLibravatar netblue302016-12-29
|
* Merge pull request #1004 from thewisenerd/patch-multiple-private-argvLibravatar netblue302016-12-24
|\ | | | | allow multiple private-argv
| * firejail: argv: allow multiple private-* optionsLibravatar thewisenerd2016-12-24
| |
| * firejail: profile: allow multiple private-* optionsLibravatar thewisenerd2016-12-24
| |
| * firejail: private-* : check, then assign.Libravatar thewisenerd2016-12-24
| |
| * argv: private-home: exit on invalid optionLibravatar thewisenerd2016-12-24
| |
* | main: guess_shell: use $SHELL variable if setLibravatar thewisenerd2016-12-24
|/ | | | fixes #983
* compile fixesLibravatar netblue302016-12-22
|
* testingLibravatar netblue302016-12-19
|
* Merge pull request #991 from thewisenerd/masterLibravatar netblue302016-12-19
|\ | | | | appimage: pass commandline arguments
| * appimage: pass commandline argumentsLibravatar thewisenerd2016-12-19
| | | | | | | | | | | | | | | | | | | | | | | | | | commandline arguments are not being passed to appimage, which hinders some functionality. This adds the function build_appimage_cmdline based on build_cmdline which works by calling quote_cmdline with passed argv, and then replaces initial argument with AppRun path generated in appimage_set. TODO: deal with extra memory allocation. The 'quoted' length of the first '*.AppImage' argument may or may not be greater than the 'quoted' AppRun path.
* | Implement the --allow-private-blacklist optionLibravatar Peter Millerchip2016-12-18
| |
* | Remove compiler warnings on Ubuntu 16.04Libravatar Peter Millerchip2016-12-18
|/
* Merge pull request #978 from Fred-Barclay/keepassx2Libravatar netblue302016-12-16
|\ | | | | Add keepassx2 profile
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 04:33:55 +0000