Update Firejail, Sandbox for Linux

Discussion in 'Other Security for macOS and Linux' started by Spawn, Oct 11, 2016.

  1. Spawn

    Spawn Administrator
    Staff Member Content Creator

    Jan 8, 2011
    16,260
    24,190
    Official Website:
    https://firejail.wordpress.com/
    Release Notes:
    https://firejail.wordpress.com/download-2/release-notes/
    Current Version 0.9.42, Friday, September 9, 2016

    Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities.

    It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. Firejail can work in a SELinux or AppArmor environment, and it is integrated with Linux Control Groups.

    Written in C with virtually no dependencies, the software runs on any Linux computer with a 3.x kernel version or newer. It can sandbox any type of processes: servers, graphical applications, and even user login sessions. The software includes sandbox profiles for a number of more common Linux programs, such as Mozilla Firefox, Chromium, VLC, Transmission etc.

    The sandbox is lightweight, the overhead is low. There are no complicated configuration files to edit, no socket connections open, no daemons running in the background. All security features are implemented directly in Linux kernel and available on any Linux computer.​

    Download from Github here: https://github.com/netblue30/firejail
     
    Dirk41, _CyberGhosT_, vemn and 5 others like this.
  2. vemn

    vemn Level 6
    AV Tester

    Feb 11, 2017
    269
    1,238
    IT SYSADMIN
    Singapore
    Shall try it =)
     
    Dirk41 likes this.
  3. _CyberGhosT_

    _CyberGhosT_ Level 52
    Trusted

    Aug 2, 2015
    4,174
    27,488
    Retired
    Central US
    Linux Mint
    Default-Deny
    Smart move, FireJail is a very solid Linux solution. ;)
     
    Dirk41 likes this.
  4. Vipersd

    Vipersd Level 6

    Dec 14, 2014
    279
    552
    I'm using it, no obvious drop of performance on Linux Mint 18 Xfce.
     
    Dirk41 likes this.
  5. Wingman

    Wingman Level 3

    Feb 6, 2017
    145
    665
    Galaxy far away...
    Nice share- Thanks
     
  6. Vipersd

    Vipersd Level 6

    Dec 14, 2014
    279
    552
    #6 Vipersd, Feb 17, 2017
    Last edited: Feb 17, 2017
Loading...
Similar Threads Forum Date
Poll Is it worth it to sandbox Firefox with ReHIPS? General Security Discussions Nov 28, 2017
Problems with IDM and Sandboxie Sandboxie (Invincea) Nov 26, 2017
Q&A Fake Sandbox Processes (FSP) - Tool to simulate fake processes of analysis sandbox/VM software General Security Discussions Nov 16, 2017