From ffa82e068fd7b77fd7fec733d899f53b8b33c532 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Sat, 12 Dec 2020 09:58:56 +0100 Subject: Update firejail-welcome.sh typos, spelling and other fixes. thanks @reinerh for all these --- contrib/firejail-welcome.sh | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/contrib/firejail-welcome.sh b/contrib/firejail-welcome.sh index 21425562d..2943983e5 100755 --- a/contrib/firejail-welcome.sh +++ b/contrib/firejail-welcome.sh @@ -1,9 +1,18 @@ #!/bin/bash # This file is part of Firejail project -# Copyright (C) 2014-2020 Firejail Authors +# Copyright (C) 2020 Firejail Authors # License GPL v2 +if ! command -v zenity >/dev/null; then + echo "Please install zenity." + exit 1 +fi +if ! command -v sudo >/dev/null; then + echo "Please install sudo." + exit 1 +fi + export LANG=en_US.UTF8 zenity --title=firejail-welcome.sh --text-info --width=750 --height=500 <.local in ~/.config/firejal. +.local in ~/.config/firejal. -Firejails own configuration can be found at /etc/firejail/firejail.config. +Firejail's own configuration can be found at /etc/firejail/firejail.config. Please note that running this script a second time can set new options, but does not unset options set in a previous run. -Webiste: https://firejail.wordpress.com +Website: https://firejail.wordpress.com Bug-Tracker: https://github.com/netblue30/firejail/issues Documentation: - https://github.com/netblue30/firejail/wiki @@ -27,7 +36,7 @@ Documentation: - https://firejail.wordpress.com/documentation-2 - man:firejail(1) and man:firejail-profile(5) -PS: If you have any improvements for this script, open a issues or pull request. +PS: If you have any improvements for this script, open an issue or pull request. EOM [[ $? -eq 1 ]] && exit 0 @@ -40,14 +49,14 @@ EOM read -r -d $'\0' MSG_Q_BROWSER_ALLOW_DRM <Should browsers be able to play DRM content? -\$HOME is noexec,nodev,nosuid by default for the most sandboxes. This means that executing ELFs which are located in \$HOME, +\$HOME is noexec,nodev,nosuid by default for the most sandboxes. This means that executing programs which are located in \$HOME, is forbidden, the setuid attribute on files is ignored and device files inside \$HOME don't work. Browsers install proprietary DRM plug-ins such as Widevine under \$HOME by default. In order to use them, \$HOME must be mounted exec inside the sandbox to -allow there execution. Clearly, this may help an attacker to start malicious code. +allow their execution. Clearly, this may help an attacker to start malicious code. -NOTE: Other software written in an interpreter language such as bash, python or java can always started from \$HOME. +NOTE: Other software written in an interpreter language such as bash, python or java can always be started from \$HOME. -TIPP: If /home has its own partition, you can mount it nodev,nosuid for all programs. +HINT: If /home has its own partition, you can mount it nodev,nosuid for all programs. EOM read -r -d $'\0' MSG_L_ADVANCED_OPTIONS <Should the most programs started in firejail by default? +Should most programs be started in firejail by default? EOM read -r -d $'\0' MSG_I_ROOT_REQUIRED <