I’ve just installed Firejail, now what?!
Integrate your sandbox into your desktop by running:
Start your program the way you are used to – desktop manager menus, file manager, desktop starters – and it will be sandboxed automatically. There are over 1000 applications supported by default in the current Firejail software version, and the number goes up with every new release.
The browser is by far the most important program you would ever need to protect. Take a look at Firefox Sandboxing Guide to get in the mood. Tor browser setup is discussed in Firejail Tips and Tricks.
Firejail Usage document will help you get started in command line. If you are stuck and need help to figure something out, don’t be afraid to ask.
Do I really need to build a security profile for my application?
No. If your application is not recognized, Firejail will use a very restrictive default profile. Yet, we encourage users to customize profiles. Building Custom Profiles describe how to change exiting security profiles and how to create new ones. For developers we keep a more detailed document in our wiki here.
It’s too easy, I’m getting bored!
There is no difficult in Firejail, at least not SELinux-difficult. But if you need something more challenging, try to customize your security filters, or go into some more advanced security topics such as X11 sandboxing:
Not quite like that, I was thinking about sandboxing games…
Take a look at this excellent Steam article on Joris_VR blog. Both Steam and Wine games are supported by Firejail sandbox, with full sound and 3D acceleration.
If you are looking for external reviews, these are some of the best: LWN.net, DistroWatch.com, and linux.com. Linux Magazine published a very detailed feature article in April 2015. An online copy is available here.
For our less-experienced Linux users, we are building a video HowTo channel. Hopefully, we can pair each video with a blog entry, if not, we provide the relevant info in the video description. Currently the videos are on Brighteon, and the backup channel is on BitChute.