Security is one of the most important and overlooked aspects of modern computing. We tend to let the default security configurations do the work, or on Windows, we simply install some anti-virus and be done with it. However, applications are increasingly privileged and we find ourselves running programs that could represent a security vulnerability to our systems and, more importantly, to our information.
Sandboxing allows us to limit what each application can see and what it can access, as well as what it can do in your system. Clearly not all applications need sandboxing, for example, your text editor probably isn’t a security vulnerability. Regardless, applications like browsers are the source of many security vulnerabilities, even though they already do some sandboxing themselves.
In this post, we will use a very simple sandboxing method using Firejail and AppArmor on Linux.