mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-15 14:16:14 -06:00
473 lines
17 KiB
Text
473 lines
17 KiB
Text
Firejail is a SUID sandbox program that reduces the risk of security
|
|
breaches by restricting the running environment of untrusted applications
|
|
using Linux namespaces and seccomp-bpf. It includes sandbox profiles for
|
|
Iceweasel/Mozilla Firefox, Chromium, Midori, Opera, Evince, Transmission,
|
|
VLC, Audacious, Clementine, Rhythmbox, Totem, Deluge, qBittorrent.
|
|
DeaDBeeF, Dropbox, Empathy, FileZilla, IceCat, Thunderbird/Icedove,
|
|
Pidgin, Quassel, and XChat.
|
|
|
|
Firejail also expands the restricted shell facility found in bash by adding
|
|
Linux namespace support. It supports sandboxing specific users upon login.
|
|
|
|
Download: http://sourceforge.net/projects/firejail/files/
|
|
Build and install: ./configure && make && sudo make install
|
|
Documentation and support: https://firejail.wordpress.com/
|
|
Development: https://github.com/netblue30/firejail
|
|
License: GPL v2
|
|
|
|
|
|
|
|
Compile and install mainline version from GitHub:
|
|
|
|
$ git clone https://github.com/netblue30/firejail.git
|
|
$ cd firejail
|
|
$ ./configure && make && sudo make install-strip
|
|
|
|
On Debian/Ubuntu you will need to install git and a compiler:
|
|
|
|
$ sudo apt-get install build-essential
|
|
|
|
|
|
|
|
Maintainer:
|
|
- netblue30 (netblue30@yahoo.com)
|
|
|
|
Committers
|
|
- Fred-Barclay (https://github.com/Fred-Barclay)
|
|
- Reiner Herrmann (https://github.com/reinerh)
|
|
- startx2017 (https://github.com/startx2017) - 0.9.38-LTS branch maintainer
|
|
- netblue30 (netblue30@yahoo.com)
|
|
|
|
|
|
|
|
Firejail Authors (alphabetical order)
|
|
|
|
Akhil Hans Maulloo (https://github.com/kouul)
|
|
- xz profile
|
|
Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
|
|
- src/lib/libnetlink.c extracted from iproute2 software package
|
|
Aleksey Manevich (https://github.com/manevich)
|
|
- several profile fixes
|
|
- fix problem with relative path in storage_find function
|
|
- fix build for systems without bash
|
|
- fix double quotes/single quotes problem
|
|
- big rework of argument processing subsystem
|
|
- --join fixes
|
|
- spliting up cmdline.c
|
|
- Busybox support
|
|
- X11 support rewrite
|
|
- gether shell selection code in one place
|
|
- fixed several TOCTOU security problems
|
|
- added --fix option to firecfg utility
|
|
- read_pid fix
|
|
- added --x11=block options
|
|
- x11 xpra, xphyr, none profile commands
|
|
- added --join-or-start command
|
|
- CVE-2016-7545
|
|
Alexander Stein (https://github.com/ajstein)
|
|
- added profile for qutebrowser
|
|
Andrey Alekseenko (https://github.com/al42and)
|
|
- fixing lintian warnings
|
|
- fixed Skype profile
|
|
andrew160 (https://github.com/andrew160)
|
|
- profile and man pages fixes
|
|
Austin S. Hemmelgarn (https://github.com/Ferroin)
|
|
- unbound profile update
|
|
avoidr (https://github.com/avoidr)
|
|
- whitelist fix
|
|
- recently-used.xbel fix
|
|
- added parole profile
|
|
- blacklist ncat
|
|
- hostname support in profile file
|
|
- Google Chrome profile rework
|
|
- added cmus profile
|
|
- man page fixes
|
|
- add net iface support in profile files
|
|
- paths fix
|
|
- lots of profile fixes
|
|
- added mcabber profile
|
|
- fixed mpv profile
|
|
- various other fixes
|
|
Bader Zaidan (https://github.com/BaderSZ)
|
|
- Telegram profile
|
|
Benjamin Kampmann (https://github.com/ligthyear)
|
|
- Forward exit code from child process
|
|
BogDan Vatra (https://github.com/bog-dan-ro)
|
|
- zoom profile
|
|
Bruno Nova (https://github.com/brunonova)
|
|
- whitelist fix
|
|
- bash arguments fix
|
|
BytesTuner (https://github.com/BytesTuner)
|
|
- provided keepassxc profile
|
|
Cat (https://github.com/ecat3)
|
|
- prevent tmux connecting to an existing session
|
|
creideiki (https://github.com/creideiki)
|
|
- make the sandbox process reap all children
|
|
Christian Stadelmann (https://github.com/genodeftest)
|
|
- profile fixes
|
|
- evolution profile fix
|
|
curiosity-seeker (https://github.com/curiosity-seeker)
|
|
- tightening unbound and dnscrypt-proxy profiles
|
|
- correct and tighten QuiteRss profile
|
|
- dnsmasq profile
|
|
- okular and gwenview profiles
|
|
- cherrytree profile fixes
|
|
- added quiterss profile
|
|
- added guayadeque profile
|
|
- added VirtualBox.profile
|
|
- various other profile fixes
|
|
Daan Bakker (https://github.com/dbakker)
|
|
- protect shell startup files
|
|
Dara Adib (https://github.com/daradib)
|
|
- ssh profile fix
|
|
- evince profile fix
|
|
Deelvesh Bunjun (https://github.com/DeelveshBunjun)
|
|
- added xpdf profile
|
|
dewbasaur (https://github.com/dewbasaur)
|
|
- block access to history files
|
|
- Firefox PDF.js exploit (CVE-2015-4495) fixes
|
|
- Steam profile
|
|
dshmgh (https://github.com/dshmgh)
|
|
- overlayfs fix for systems with /home mounted on a separate partition
|
|
Duncan Overbruck (https://github.com/Duncaen)
|
|
- musl libc fix
|
|
- utmp fix
|
|
emacsomancer (https://github.com/emacsomancer)
|
|
- added profile for Conkeror browser
|
|
eventyrer (https://github.com/eventyrer)
|
|
- update gnome-mplayer.profile
|
|
Felipe Barriga Richards (https://github.com/fbarriga)
|
|
- --private-etc fix
|
|
Franco (nextime) Lanza (https://github.com/nextime)
|
|
- added --private-template/--private-home
|
|
Fred-Barclay (https://github.com/Fred-Barclay)
|
|
- lots of profile fixes
|
|
- added Vivaldi, Atril profiles
|
|
- added PaleMoon profile
|
|
- split Icedove and Thunderbird profiles
|
|
- added 0ad profile
|
|
- fixed version for .deb packages
|
|
- added Warzone2100 profile
|
|
- blacklisted VeraCrypt
|
|
- added Gpredict profile
|
|
- added Aweather, Stellarium profiles
|
|
- fixed HexChat and Atril profiles
|
|
- fixed disable-common.inc for mate-terminal
|
|
- blacklisted escape-happy terminals in disable-common.inc
|
|
- blacklisted g++
|
|
- added xplayer, xreader, and xviewer profiles
|
|
- added Brave profile
|
|
- added Gitter profile
|
|
- various organising
|
|
- added LibreOffice profile
|
|
- added pix profile
|
|
- added audacity profile
|
|
- fixed Telegram and qtox profiles
|
|
- added Atom Beta and Atom profiles
|
|
- tightened 0ad, atril, evince, gthumb, pix, qtox, and xreader profiles
|
|
- several private-bin conversions
|
|
- added jitsi profile
|
|
- pidgin private-bin conversion
|
|
- added eom profile
|
|
- added gnome-chess profile
|
|
- added DOSBox profile
|
|
- evince profile enhancement
|
|
- tightened Spotify profile
|
|
- added xiphos and Tor Browser Bundle profiles
|
|
- added xed and pluma profiles
|
|
- added Cryptocat profile
|
|
- added wireshark profile
|
|
- uudeview profile fix
|
|
- fixed palemoon and qbittorrent profiles
|
|
- compile/install scripts for --git-install/--git-uninstall commands
|
|
- tighten keepassx
|
|
- added Thunar profile
|
|
- added mousepad, qpicview, and cvlc profiles
|
|
- added BibleTime profile
|
|
- added caja and galculator profiles
|
|
G4JC (http://sourceforge.net/u/gaming4jc/profile/)
|
|
- ARM support
|
|
- profile fixes
|
|
Gaman Gabriel (https://github.com/stelariusinfinitek)
|
|
- inox profile
|
|
geg2048 (https://github.com/geg2048)
|
|
- kwallet profile fixes
|
|
graywolf (https://github.com/graywolf)
|
|
- spelling fix
|
|
greigdp (https://github.com/greigdp)
|
|
- Gajim IM client profile
|
|
- fixed spotify profile
|
|
- added Slack profile
|
|
- add Spotify profile
|
|
GSI (https://github.com/GSI)
|
|
- added Uzbl browser profile
|
|
hamzadis (https://github.com/hamzadis)
|
|
- added --overlay-named=name and --overlay-path=path
|
|
Holger Heinz (https://github.com/hheinz)
|
|
- manpage work
|
|
Icaro Perseo (https://github.com/icaroperseo)
|
|
- Icecat profile
|
|
- several profile fixes
|
|
Igor Bukanov (https://github.com/ibukanov)
|
|
- found/fiixed privilege escalation in --hosts-file option
|
|
iiotx (https://github.com/iiotx)
|
|
- use generic.profile by default
|
|
Impyy (https://github.com/Impyy)
|
|
- added mumble profile
|
|
irregulator (https://github.com/irregulator)
|
|
- thunderbird profile fixes for debian stretch
|
|
Ivan Kozik (https://github.com/ivan)
|
|
- speed up sandbox exit
|
|
Jaykishan Mutkawoa (https://github.com/jmutkawoa)
|
|
- cpio profile
|
|
Jericho (https://github.com/attritionorg)
|
|
- spelling
|
|
Jesse Smith (https://github.com/slicer69)
|
|
- added QupZilla profile
|
|
jgriffiths (https://github.com/jgriffiths)
|
|
- make rpm packages support
|
|
Joan Figueras (https://github.com/figue)
|
|
- added abrowser profile
|
|
- added Google-Play-Music-Desktop-Player
|
|
- added cyberfox profile
|
|
jrabe (https://github.com/jrabe)
|
|
- disallow access to kdbx files
|
|
- Epiphany profile
|
|
- Polari profile
|
|
- qTox profile
|
|
- X11 fixes
|
|
Kaan Genç (https://github.com/SeriousBug)
|
|
- dynamic allocation of noblacklist buffer
|
|
KellerFuchs (https://github.com/KellerFuchs)
|
|
- nonewpriv support, extended profiles for this feature
|
|
- make `restricted-network` prevent use of netfilter
|
|
- disable-common.inc additions
|
|
- make mutt and msmtp's rc files read-only
|
|
- added support for .local profile files in /etc/firejail
|
|
- fixed Cryptocat profile
|
|
- make ~/.local read-only
|
|
KOLANICH (https://github.com/KOLANICH)
|
|
- added symlink fixer fix_private-bin.py in contrib section
|
|
laniakea64 (https://github.com/laniakea64)
|
|
- added fj-mkdeb.py script to build deb packages
|
|
Lari Rauno (https://github.com/tuutti)
|
|
- qutebrowser profile fixes
|
|
Laurent Declercq (https://github.com/nuxwin)
|
|
- fixed test for shell interpreter in chroots
|
|
Loïc Damien (https://github.com/dzamlo)
|
|
- small fixes
|
|
maces (https://github.com/maces)
|
|
- Franz messenger profile
|
|
mahdi1234 (https://github.com/mahdi1234)
|
|
- cherrytree profile
|
|
- Seamonkey profiles
|
|
Martin Carpenter (https://github.com/mcarpenter)
|
|
- security audit and bug fixes
|
|
- Centos 6.x support
|
|
Matt Parnell (https://github.com/ilikenwf)
|
|
- whitelisting for core firefox related functionality
|
|
Mattias Wadman (https://github.com/wader)
|
|
- seccomp errno filter support
|
|
Matthew Gyurgyik (https://github.com/pyther)
|
|
- rpm spec and several fixes
|
|
Michael Haas (https://github.com/mhaas)
|
|
- bugfixes
|
|
Mike Frysinger (vapier@gentoo.org)
|
|
- Gentoo compile patch
|
|
mjudtmann (https://github.com/mjudtmann)
|
|
- lock firejail configuration in disable-mgmt.inc
|
|
mustaqimM (https://github.com/mustaqimM)
|
|
- added profile for Nylas Mail
|
|
n1trux (https://github.com/n1trux)
|
|
- fix flashpeak-slimjet profile typos
|
|
netblue30 (netblue30@yahoo.com)
|
|
Niklas Haas (https://github.com/haasn)
|
|
- blacklisting for keybase.io's client
|
|
Ondra Nekola (https://github.com/satai)
|
|
- allow firefox theming with non-global themes
|
|
Patrick Toomey (http://sourceforge.net/u/ptoomey/profile/)
|
|
- user namespace implementation
|
|
Paupiah Yash (https://github.com/CaffeinatedStud)
|
|
- gzip profile
|
|
Peter Millerchip (https://github.com/pmillerchip)
|
|
- memory allocation fix
|
|
- --private.keep to --private-home transition
|
|
- support for files and directories starting with ~ in blacklist option
|
|
- support for files and directories with spaces in blacklist option
|
|
- lots of other fixes
|
|
- implement the --allow-private-blacklist option
|
|
Peter Hogg (https://github.com/pigmonkey)
|
|
- WeeChat profile
|
|
- rtorrent profile
|
|
- bitlbee profile fixes
|
|
- mutt profile fixes
|
|
Petter Reinholdtsen (pere@hungry.com)
|
|
- Opera profile patch
|
|
pirate486743186 (https://github.com/pirate486743186)
|
|
- KMail profile
|
|
Pixel Fairy (https://github.com/xahare)
|
|
- added fjclip.py, fjdisplay.py and fjresize.py in contrib section
|
|
pshpsh (https://github.com/pshpsh)
|
|
- added FossaMail profile
|
|
pstn (https://github.com/pstn)
|
|
- added install-strip, make install without strip
|
|
pszxzsd (https://github.com/pszxzsd)
|
|
-uGet profile
|
|
pwnage-pineapple (https://github.com/pwnage-pineapple)
|
|
- update Okular profile
|
|
Rafael Cavalcanti (https://github.com/rccavalcanti)
|
|
- chromium profile fixes for Arch Linux
|
|
Rahiel Kasim (https://github.com/rahiel)
|
|
- Mathematica profile
|
|
- whitelisted Dropbox profile
|
|
- whitelisted keysnail config for firefox
|
|
Rahul Golam (https://github.com/technoLord)
|
|
- strings profile
|
|
Reiner Herrmann (https://github.com/reinerh)
|
|
- a number of build patches
|
|
- man page fixes
|
|
- Debian and Ubuntu integration
|
|
- clang-analyzer fixes
|
|
- Debian reproducible build
|
|
- unit testing framework
|
|
- moved build to .xz
|
|
- detached signatures for source archive
|
|
- recursive mkdir
|
|
Remco Verhoef (https://github.com/nl5887)
|
|
- add overlay configuration to profiles
|
|
- prevent running shells recursively
|
|
rogshdo (https://github.com/rogshdo)
|
|
- BitlBee profile
|
|
Ruan (https://github.com/ruany)
|
|
- fixed hexchat profile
|
|
sarneaud (https://github.com/sarneaud)
|
|
- rewrite globbing code to fix various minor issues
|
|
- added noblacklist command for profile files
|
|
- various enhancements and bug fixes
|
|
Sergey Alirzaev (https://github.com/l29ah)
|
|
- firejail.h enum fix
|
|
Simon Peter (https://github.com/probonopd)
|
|
- set $APPIMAGE and $APPDIR environment variables
|
|
- AppImage version detection
|
|
- Leafppad type v1 and v2 appimage packages in test/appimage
|
|
sinkuu (https://github.com/sinkuu)
|
|
- blacklisting kwalletd
|
|
- fix symlink invocation for programs placing symlinks in $PATH
|
|
sshirokov (http://sourceforge.net/u/yshirokov/profile/)
|
|
- Patch to output "Reading profile" to stderr instead of stdout
|
|
SpotComms (https://github.com/SpotComms)
|
|
- added Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5 profiles
|
|
- added PDFSam, Pithos, and Xonotic profiles
|
|
- disabled Go, Rust, and OpenSSL in disable-devel.conf
|
|
- added dino profile
|
|
- added Kodi profile
|
|
- lots of profile tightening
|
|
- added viking, youtube-dl, meld profiles
|
|
- more profile tightening
|
|
- added Arduino profile
|
|
- profile hardening
|
|
- firecfg enhancements
|
|
SYN-cook (https://github.com/SYN-cook)
|
|
- keepass/keepassx browser fixes
|
|
- disable-common.inc fixes
|
|
- blacklist GNOME keyring and Konqueror
|
|
- fixed Keepass(x) profiles
|
|
- Engrampa profile
|
|
- Scribus profile
|
|
- autostart blacklist for KDE
|
|
- blacklist startup scripts
|
|
- various profile updates
|
|
- blacklist lots of KDE files
|
|
- blacklist nautilus and nemo in ~/.local/share/
|
|
- added mediathekview profile
|
|
- blacklist attic and borg
|
|
- cleaned up Okular and Gwenview profiles
|
|
- added baloo_file profile
|
|
- k3b profile update
|
|
startx2017 (https://github.com/startx2017)
|
|
- syscall list update
|
|
- updated default seccomp filters - added bpf, clock_settime, personality, process_vm_writev, query_module,
|
|
settimeofday, stime, umount, userfaultfd, ustat, vm86, and vm86old
|
|
- enable/disable join support in /etc/firejail/firejail.config
|
|
- firecfg fix: create ~/.local/share/applications directory if it doesn't exist
|
|
- firejail.config cleanup
|
|
- --quiet fixes
|
|
- 0.9.38-LTS branch maintainer
|
|
- firemon --top speed-up
|
|
- Blender and 2048-qt profiles
|
|
thewisenerd (https://github.com/thewisenerd)
|
|
- allow multiple private-home commands
|
|
- use $SHELL variable if the shell is not specified
|
|
- appimage: pass commandline arguments
|
|
Thomas Jarosch (https://github.com/thomasjfox)
|
|
- disable keepassx in disable-passwdmgr.inc
|
|
- added uudeview profile
|
|
- added tar (gtar), unzip and unrar profile
|
|
- added file profile
|
|
- improved profile list
|
|
- fixed small variable glitch in stat64() / lstat64() (libtracelog)
|
|
- added lstat() / lstat64() support to libtrace
|
|
- include mkuid.sh in make dist
|
|
Tom Mellor (https://github.com/kalegrill)
|
|
- mupen64plus profile
|
|
Tomasz Jan Góralczyk (https://github.com/tjg)
|
|
- fixed Steam profile
|
|
valoq (https://github.com/valoq)
|
|
- lots of profile fixes
|
|
- added support for /srv in --whitelist feature
|
|
- Eye of GNOME, Evolution, display (imagemagik) and Wire profiles
|
|
- blacklist suid binaries in disable-common.inc
|
|
- fix man pages
|
|
- added keypass2, qemu profiles
|
|
- added amarok, ark, atool, bleachbit, brasero, dolphin, dragon, elinks, enchant, exiftool profiles
|
|
- added file-roller, gedit, gjs,gnome-books, gnome-documents, gnome-maps, gnome-music profiles
|
|
- added gnome-photos, gnome-weather, goobox, gpa, gpg, gpg-agent, highlight profiles
|
|
- added img2txt, k3b, kate, lynx, mediainfo, nautilus, odt2txt, pdftotext, simple-scan profiles
|
|
- added skanlite, ssh-agent, transmission-cli, tracker, transmission-show, w3m, xfburn, xpra profiles
|
|
- added wget profile
|
|
- disable gnupg and systemd directories under /run/user
|
|
- added iridium browser profile
|
|
Vadim A. Misbakh-Soloviov (https://github.com/msva)
|
|
- profile fixes
|
|
ValdikSS (https://github.com/ValdikSS)
|
|
- Psi+, Corebird, Konversation profiles
|
|
- various profile fixes
|
|
Vasya Novikov (https://github.com/vn971)
|
|
- Wesnoth profile
|
|
- Hedegewars profile
|
|
- manpage fixes
|
|
- fixed firecfg clean/clear issue
|
|
- found the ugliest bug so far
|
|
- seccomp debug description in man page
|
|
Veeti Paananen (https://github.com/veeti)
|
|
- fixed Spotify profile
|
|
vismir2 (https://github.com/vismir2)
|
|
- feh, ranger, 7z, keepass, keepassx and zathura profiles
|
|
- claws-mail, mutt, git, emacs, vim profiles
|
|
- lots of profile fixes
|
|
- support for truecrypt and zuluCrypt
|
|
xee5ch (https://github.com/xee5ch)
|
|
- skypeforlinux profile
|
|
yumkam (https://github.com/yumkam)
|
|
- add compile-time option to restrict --net= to root only
|
|
- man page fixes
|
|
Zack Weinberg (https://github.com/zackw)
|
|
- added support for joining a persistent, named network namespace
|
|
- removed libconnect
|
|
- fixed memory corruption in noblacklist processing
|
|
- rework DISPLAY environment parsing
|
|
- rework masking X11 sockets in /tmp/.X11-unix directory
|
|
- rework xpra and xephyr detection
|
|
- rework abstract X11 socket detection
|
|
- rework X11 display number assignment
|
|
- rework X11 xorg processing
|
|
- rework fcopy, --follow-link support in fcopy
|
|
- follow link support in --private-bin
|
|
- wait_for_other function rewrite
|
|
- Xvfb X11 server support
|
|
- Xvfb and Xephyr profiles, modified Xpra profile
|
|
- support for sandboxing Xpra, Xvfb and Xephyr in independent sandboxes when started
|
|
with firejail --x11
|
|
- support for xpra-extra-params in firejail.config
|
|
|
|
Copyright (C) 2014-2017 Firejail Authors
|