π

Firejail

Show Sidebar

Stefan Schumacher mentioned Firejail in his talk today. It's a relatively new tool to run arbotrary GNU/Linux application in a sandbox environment.

For example firejail firefox starts a standard FireFox browser with the FireFox Firejail profile that is part of the default package of Firejail. There are many other pre-defined profiles for other applications as well. Of course you can overwrite or create new profiles.

Profiles define white- or black-lists for read/write access on directories, network bandwidth, firewall rules, and so forth. Really powerful when you don't want to run more elaborate stuff such as Qubes OS.

Comment via email or via Disqus comments below: