Linux Mint: Firejail as security sandbox for your programs

Firejail is an easy to use security sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux kernel security features. It restricts what files and directories an application can access in your home directory and what access it has to system directories and system resources. Firejail is ideal for use with web browsers, desktop applications, and daemons/servers alike. more

Advertisements

3 thoughts on “Linux Mint: Firejail as security sandbox for your programs

  1. Roberto

    Although like many features of firejail, I didn’t install on my computers because the option “-net” (unconnected network namespace) allows any user to pass by my firewall rules. Is there any way to install firejail and disable the option “-net” so that users cannot use it? While there is no way to ban users from using the option “-net” I can’t use firejail. Could be a way to disable the option “-net” in the configuration file. Does anyone have any suggestions?

    Like

    Reply
      1. Roberto

        Thanks for the answer. Set “restricted-network yes” works for me. Hope firejail networking features will never exploited for bypass firewall rules, even if a malware infect the system.

        Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s