<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
	<maintainer type="person" proxied="yes">
		<email>hlein@korelogic.com</email>
		<name>Hank Leininger</name>
	</maintainer>
	<maintainer type="project" proxied="proxy">
		<email>proxy-maint@gentoo.org</email>
		<name>Proxy Maintainers</name>
	</maintainer>
	<longdescription lang="en">
		Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of
		untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to 
		have their own private view of the globally shared kernel resources, such as the network stack, process table,
		mount table.
	</longdescription>
	<upstream>
		<remote-id type="cpe">cpe:/a:firejail_project:firejail</remote-id>
		<remote-id type="github">netblue30/firejail</remote-id>
	</upstream>
	<use>
		<flag name="apparmor">Enable support for custom AppArmor profiles</flag>
		<flag name="chroot">Enable chrooting to custom directory</flag>
		<flag name="contrib">Install contrib scripts</flag>
		<flag name="dbusproxy">Enable DBus proxying to filter access in supporting profiles</flag>
		<flag name="file-transfer">Enable file transfers between sandboxes and the host system</flag>
		<flag name="globalcfg">Enable global config file</flag>
		<flag name="network">Enable networking features</flag>
		<flag name="private-home">Enable private home feature</flag>
		<flag name="userns">Enable attaching a new user namespace to a sandbox (--noroot option)</flag>
		<flag name="X">Enable X11 sandboxing</flag>
	</use>
</pkgmetadata>