<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> <maintainer type="person"> <email>aidecoe@gentoo.org</email> <name>Amadeusz Żołnowski</name> </maintainer> <longdescription lang="en"> Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. This is long term support branch of firejail. For bleeding edge version see sys-apps/firejail. </longdescription> <upstream> <remote-id type="sourceforge">firejail</remote-id> </upstream> <use> <flag name="seccomp">Enable system call filtering</flag> </use> </pkgmetadata>