Hey All,
I was wondering how well firejail sandbox works with Antix 16.
Are there any known problems?
I was thinking of using it with firefox-esr 45.5.0 and seamonkey 2.40 which are the browsers I use.
Thanks
The PoorGuy
topic title: firejail sandbox
7 posts
• Page 1 of 1
-
poorguyPosts: 125
- Joined: 11 May 2016
-
skidooPosts: 1,445
- Joined: 09 Feb 2012
#2
Firejail works as intended under antiX.
I'm not up to the task of coaching per-app sandbox profile customization/tweaking, so I'll refer you to a 20+pp discussion where you can read tips/tricks/trials:
Wilderssecurity Forums }} Software, Hardware and General Services }} all things UNIX
Topic: FireJail - Linux sandbox
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.wilderssecurity.com/threads/firejail-linux-sandbox.369309"
linktext was:"https://www.wilderssecurity.com/threads ... box.369309"
====================================
firejail author/project page contains 90 comments posted:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://l3net.wordpress.com/2014/09/19/firejail-a-security-sandbox-for-mozilla-firefox/"
linktext was:"https://l3net.wordpress.com/2014/09/19/ ... a-firefox/"
====================================
and
another 60+ comments posted to this page:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://firejail.wordpress.com/support/"
linktext was:"https://firejail.wordpress.com/support/"
====================================
can check open issues for firejail here:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://github.com/netblue30/firejail/issues"
linktext was:"https://github.com/netblue30/firejail/issues"
====================================
ps:
Please post links to any other meritworthy firejail discussions you find, or any helpful reviews/tutorials.
Firejail -- ArchWiki
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://wiki.archlinux.org/index.php/Firejail"
linktext was:"https://wiki.archlinux.org/index.php/Firejail"
====================================
linuxmint forum: several topics but I didn't notice one particular"definitive" or comprehensive topic thread
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.google.com/#q=site:linuxmint.com+intitle:firejail"
linktext was:"https://www.google.com/#q=site:linuxmin ... e:firejail"
====================================
I'm not up to the task of coaching per-app sandbox profile customization/tweaking, so I'll refer you to a 20+pp discussion where you can read tips/tricks/trials:
Wilderssecurity Forums }} Software, Hardware and General Services }} all things UNIX
Topic: FireJail - Linux sandbox
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.wilderssecurity.com/threads/firejail-linux-sandbox.369309"
linktext was:"https://www.wilderssecurity.com/threads ... box.369309"
====================================
firejail author/project page contains 90 comments posted:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://l3net.wordpress.com/2014/09/19/firejail-a-security-sandbox-for-mozilla-firefox/"
linktext was:"https://l3net.wordpress.com/2014/09/19/ ... a-firefox/"
====================================
and
another 60+ comments posted to this page:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://firejail.wordpress.com/support/"
linktext was:"https://firejail.wordpress.com/support/"
====================================
can check open issues for firejail here:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://github.com/netblue30/firejail/issues"
linktext was:"https://github.com/netblue30/firejail/issues"
====================================
ps:
Please post links to any other meritworthy firejail discussions you find, or any helpful reviews/tutorials.
Firejail -- ArchWiki
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://wiki.archlinux.org/index.php/Firejail"
linktext was:"https://wiki.archlinux.org/index.php/Firejail"
====================================
linuxmint forum: several topics but I didn't notice one particular"definitive" or comprehensive topic thread
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.google.com/#q=site:linuxmint.com+intitle:firejail"
linktext was:"https://www.google.com/#q=site:linuxmin ... e:firejail"
====================================
Last edited by skidoo on 21 Dec 2016, 20:07, edited 2 times in total.
-
poorguyPosts: 125
- Joined: 11 May 2016
#3
Hey skidoo,
Thanks I will give that a look at.
Thanks
Thanks I will give that a look at.
Thanks
-
skidooPosts: 1,445
- Joined: 09 Feb 2012
#4
Posted by step: Wed 23 Mar 2016
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://murga-linux.com/puppy/viewtopic.php?t=105635"
linktext was:"http://murga-linux.com/puppy/viewtopic.php?t=105635"
====================================
Post Title: Some interesting articles about firejail.
Firejail - Sandbox for Linux, wanna build a castle?
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.dedoimedo.com/computers/firejail.html"
linktext was:"http://www.dedoimedo.com/computers/firejail.html"
====================================
Running your programs in a jail with Firejail
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.linux-magazine.com/Issues/2015/173/Firejail"
linktext was:"http://www.linux-magazine.com/Issues/2015/173/Firejail"
====================================
Sandboxing with Firejail
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://lwn.net/Articles/671534/"
linktext was:"https://lwn.net/Articles/671534/"
====================================
(interesting comments)
Firejail
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://wiki.archlinux.org/index.php/Firejail"
linktext was:"https://wiki.archlinux.org/index.php/Firejail"
====================================
(short and practical)
-
poorguyPosts: 125
- Joined: 11 May 2016
#5
Hey skidoo,
Thanks for hooking me up with all of the links because I'm learning about all sorts of things about security. __{{emoticon}}__
Thanks
Thanks for hooking me up with all of the links because I'm learning about all sorts of things about security. __{{emoticon}}__
Thanks
-
skidooPosts: 1,445
- Joined: 09 Feb 2012
#6
distrowatch review of firejail:
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://distrowatch.com/weekly.php?issue=20160222#tips"
linktext was:"https://distrowatch.com/weekly.php?issue=20160222#tips"
====================================
(from Feb 2016, so some of the details might now be outdated)
and related reddit discussion The reddit contains a longish insightful post, along with (correct) criticism that effectiveness requires sandboxing X11
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://firejail.wordpress.com/documentation-2/x11-guide/%5Bquote"
linktext was:"https://firejail.wordpress.com/document ... ide/[quote"
====================================
]
Firejail X11 sandboxing support is built around an external X11 server software package.
Both Xpra and Xephyr are supported (apt-get install xpra xserver-xephyr on Debian/Ubuntu).
To allow people to use the sandbox on headless systems, Firejail compile and install is not be dependent on Xpra or Xephyr packages.
The sandbox replaces the regular X11 server with Xpra or Xephyr server.
This prevents X11 keyboard loggers and screenshot utilities from accessing the main X11 server.[/quote]
linux.com review (naw, brief intro) of firejail (June 2016):
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.linux.com/learn/lock-your-untrusted-applications-firejail"
linktext was:"https://www.linux.com/learn/lock-your-u ... s-firejail"
====================================
linux-magazine 2015 article"Running your programs in a jail with Firejail"
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.linux-magazine.com/Issues/2015/173/Firejail"
linktext was:"http://www.linux-magazine.com/Issues/2015/173/Firejail"
====================================
Aug 2014"How To Use Firejail to Set Up a WordPress Installation in a Jailed Environment" article + comments
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.digitalocean.com/community/tutorials/how-to-use-firejail-to-set-up-a-wordpress-installation-in-a-jailed-environment"
linktext was:"https://www.digitalocean.com/community/ ... nvironment"
====================================
(I wonder how accurate this still is, or is not, 2+ yrs later)
Dec 2016"Firejail with Tor HOWTO"
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.void.gr/kargig/blog/2016/12/12/firejail-with-tor-howto/"
linktext was:"http://www.void.gr/kargig/blog/2016/12/ ... tor-howto/"
====================================
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://distrowatch.com/weekly.php?issue=20160222#tips"
linktext was:"https://distrowatch.com/weekly.php?issue=20160222#tips"
====================================
(from Feb 2016, so some of the details might now be outdated)
and related reddit discussion The reddit contains a longish insightful post, along with (correct) criticism that effectiveness requires sandboxing X11
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://firejail.wordpress.com/documentation-2/x11-guide/%5Bquote"
linktext was:"https://firejail.wordpress.com/document ... ide/[quote"
====================================
]
Firejail X11 sandboxing support is built around an external X11 server software package.
Both Xpra and Xephyr are supported (apt-get install xpra xserver-xephyr on Debian/Ubuntu).
To allow people to use the sandbox on headless systems, Firejail compile and install is not be dependent on Xpra or Xephyr packages.
The sandbox replaces the regular X11 server with Xpra or Xephyr server.
This prevents X11 keyboard loggers and screenshot utilities from accessing the main X11 server.[/quote]
linux.com review (naw, brief intro) of firejail (June 2016):
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.linux.com/learn/lock-your-untrusted-applications-firejail"
linktext was:"https://www.linux.com/learn/lock-your-u ... s-firejail"
====================================
linux-magazine 2015 article"Running your programs in a jail with Firejail"
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.linux-magazine.com/Issues/2015/173/Firejail"
linktext was:"http://www.linux-magazine.com/Issues/2015/173/Firejail"
====================================
Aug 2014"How To Use Firejail to Set Up a WordPress Installation in a Jailed Environment" article + comments
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://www.digitalocean.com/community/tutorials/how-to-use-firejail-to-set-up-a-wordpress-installation-in-a-jailed-environment"
linktext was:"https://www.digitalocean.com/community/ ... nvironment"
====================================
(I wonder how accurate this still is, or is not, 2+ yrs later)
Dec 2016"Firejail with Tor HOWTO"
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"http://www.void.gr/kargig/blog/2016/12/12/firejail-with-tor-howto/"
linktext was:"http://www.void.gr/kargig/blog/2016/12/ ... tor-howto/"
====================================
-
poorguyPosts: 125
- Joined: 11 May 2016
#7
Hey skidoo,
Here is a link I ran across.
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://firejail.wordpress.com/"
linktext was:"https://firejail.wordpress.com/"
====================================
Thanks
Here is a link I ran across.
========= SCRAPER REMOVED AN EMBEDDED LINK HERE ===========
url was:"https://firejail.wordpress.com/"
linktext was:"https://firejail.wordpress.com/"
====================================
Thanks