summaryrefslogtreecommitdiff
blob: 8a213d3a83ed9ee0e3d2d74b5378d60f13990404 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
	<maintainer type="person" proxied="yes">
		<email>hlein@korelogic.com</email>
		<name>Hank Leininger</name>
	</maintainer>
	<maintainer type="project" proxied="proxy">
		<email>proxy-maint@gentoo.org</email>
		<name>Proxy Maintainers</name>
	</maintainer>
	<longdescription lang="en">
		Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of
		untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to 
		have their own private view of the globally shared kernel resources, such as the network stack, process table,
		mount table.

		This is the regular version. For a long term support version see sys-apps/firejail-lts.
	</longdescription>
	<upstream>
		<remote-id type="cpe">cpe:/a:firejail_project:firejail</remote-id>
		<remote-id type="github">netblue30/firejail</remote-id>
	</upstream>
	<use>
		<flag name="apparmor">Enable support for custom AppArmor profiles</flag>
		<flag name="chroot">Enable chrooting to custom directory</flag>
		<flag name="contrib">Install contrib scripts</flag>
		<flag name="dbusproxy">Enable DBus proxying to filter access in supporting profiles</flag>
		<flag name="file-transfer">Enable file transfers between sandboxes and the host system</flag>
		<flag name="globalcfg">Enable global config file</flag>
		<flag name="network">Enable networking features</flag>
		<flag name="private-home">Enable private home feature</flag>
		<flag name="userns">Enable attaching a new user namespace to a sandbox (--noroot option)</flag>
		<flag name="whitelist">Enable whitelist</flag>
		<flag name="X">Enable X11 sandboxing</flag>
	</use>
</pkgmetadata>