Documentation

 

I’ve just installed Firejail, now what?!

Integrate your sandbox into your desktop by running the following two commands:

$ firecfg --fix-sound
$ sudo firecfg

The first command solves some shared memory/PID namespace bugs in PulseAudio software prior to version 9. The second command integrates Firejail into your desktop. You would need to logout and login back to apply PulseAudio changes.

Start your programs the way you are used to: desktop manager menus, file manager, desktop launchers. The integration applies to any program supported by default by Firejail. There are about 250 default applications in Firejail version 0.9.46, and the number goes up with every new release. We keep the list in /usr/lib/firejail/firecfg.config file.

Basic Usage document will help you get started in command line. If you are stuck and need help to figure something out, don’t be afraid to ask.

Can you sandbox Firefox?

Firejail was build with Mozilla Firefox in mind. Sandboxing Firefox is by far the most popular application for Firejail. Check out our Firefox Sandboxing Guide.

Do I really need to build a security profile for my application?

No. If your application is not recognized, Firejail will use a very restrictive default profile. Yet, we encourage users to customize profiles. Building Custom Profiles and Building Whitelisted Profiles describe how to change exiting security profiles and how to create new ones.

It’s too easy, I’m getting bored!

There is no difficult in Firejail, at least not SELinux-difficult. But if you need something more challenging, try to customize your security filters, or go into some more advanced security topics such as X11 and Grsecurity:

Not quite like that, I was thinking about sandboxing games…

Take a look at this excellent Steam article on Joris_VR blog. Both Steam in Wine games are supported by Firejail sandbox, with full sound and 3D acceleration.

 

Across the Internet

If you are looking for external reviews, these are some of the best: LWN.net, DistroWatch.com, and linux.com. Linux Magazine published a very detailed feature article in April 2015. An online copy is available here.

YouTube

l3net blog

Advertisements

4 thoughts on “Documentation

  1. Pingback: How to Sandbox Apps in Linux Systems | Beebom

  2. Pingback: linux process sandboxing with linux ‘user namespaces’ and firejail – atropineal

  3. Pingback: How to Sandbox Non-Trusted Apps in Linux Systems - PC - Learn in 30 Sec from Microsoft Awarded MVP

  4. Pingback: Firejail | security sandbox

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s