<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> <maintainer type="person" proxied="yes"> <email>hlein@korelogic.com</email> <name>Hank Leininger</name> </maintainer> <maintainer type="project" proxied="proxy"> <email>proxy-maint@gentoo.org</email> <name>Proxy Maintainers</name> </maintainer> <longdescription lang="en"> Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. </longdescription> <upstream> <remote-id type="cpe">cpe:/a:firejail_project:firejail</remote-id> <remote-id type="github">netblue30/firejail</remote-id> </upstream> <use> <flag name="apparmor">Enable support for custom AppArmor profiles</flag> <flag name="chroot">Enable chrooting to custom directory</flag> <flag name="contrib">Install contrib scripts</flag> <flag name="dbusproxy">Enable DBus proxying to filter access in supporting profiles</flag> <flag name="file-transfer">Enable file transfers between sandboxes and the host system</flag> <flag name="globalcfg">Enable global config file</flag> <flag name="network">Enable networking features</flag> <flag name="private-home">Enable private home feature</flag> <flag name="userns">Enable attaching a new user namespace to a sandbox (--noroot option)</flag> <flag name="X">Enable X11 sandboxing</flag> </use> </pkgmetadata>