blob: 13c3aafc81a8b8dc20094437dae8800f79226cb2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="person">
<email>aidecoe@gentoo.org</email>
<name>Amadeusz Żołnowski</name>
</maintainer>
<longdescription lang="en">
Firejail is a SUID program that reduces the risk of security breaches
by restricting the running environment of untrusted applications using
Linux namespaces and seccomp-bpf. It allows a process and all its
descendants to have their own private view of the globally shared
kernel resources, such as the network stack, process table, mount
table.
</longdescription>
<upstream>
<remote-id type="sourceforge">firejail</remote-id>
</upstream>
<use>
<flag name="apparmor">Enable support for custom AppArmor
profiles</flag>
<flag name="bind">Enable custom bind mounts</flag>
<flag name="chroot">Enable chrooting to custom directory</flag>
<flag name="file-transfer">Enable file transfers between sandboxes and
the host system</flag>
<flag name="network">Enable networking features</flag>
<flag name="network-restricted">Grant access to --interface,
--net=ethXXX and --netfilter only to root user; regular users are
only allowed --net=none</flag>
<flag name="seccomp">Enable system call filtering</flag>
<flag name="userns">Enable attaching a new user namespace to a
sandbox (--noroot option)</flag>
<flag name="x11">Enable X11 sandboxing</flag>
</use>
</pkgmetadata>
|
GitWeb
