DistroWatch – Tips and tricks: The Firejail security sandbox

Running Firefox in a sandbox

Sandboxing is a term which describes isolating programs from each other (or from specific system resources) by limiting their scope or access to parts of the operating system. There are many forms sandboxing can take, from virtual machines to Docker containers. Other mechanisms we can use to isolate processes from resources include SELinux, AppArmor and control groups. These tools are lightweight and powerful, but they can be quite tricky to set up, especially for inexperienced users. SELinux in particular uses a cryptic syntax which people find difficult to master. more…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s