Firejail is a Linux security SUID program that drastically reduces the risk of security breaches by sandboxing the running environment of untrusted applications. Firejail achieves this by using Linux namespaces and seccomp-bpf which allows the attaching of a system call filter to a process and all its descendants, thus reducing the attack surface of the kernel.
With Firejail installed, you can then launch applications from the command line, such that they have a private view of globally-shared kernel resources–such as the network stack. With this addition to your Linux platform, you’ll gain a heightened level of security to an already secure environment.
Firejail is not limited to graphical applications. In fact, Firejail can sandbox servers, GUI tools, and even user login sessions.
Believe it or not, Firejail is incredibly easy to use. I’m going to walk you through the process of installing and using Firejail.
Video by Null Byte, Youtube
Video by Joe McEntire, Youtube.
How to set up the most ridiculously secure browser I’ve ever seen! Uses Debian 9, Firefox 58.0.2, and Firejail
Linux has a reputation of being fairly secure, and out of the big three operating systems it runs into far less issues when it comes to privacy. Still, as secure as Linux can be, there’s always room for improvement. The app is the most popular program sandboxing tool on Linux. It is because of this, many Linux distributions have decided to ship this software.
Linux Luddites: https://linuxluddites.com