Skip to main content
Super User

Questions tagged [firejail]

Ask Question

Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf.

9 questions
Newest Active Bountied Unanswered
1 vote
0 answers
436 views

No internet: firejail ubuntu 20.04 --net=eno1 --dns=QQQ.RRR.SSS.TTT

This is the same case of unanswered question DNS not working in firejail ALL SENSITIVE INFORMATION WAS MODIFIED TO A SET OF THREE OR TWO LETTERS (AAA, etc. or XX) The case is: I have an ethernet ...
theRael's user avatar
theRael
  • 11
1 vote
1 answer
143 views

File picker dialogs do not remember settings when Firefox is running in firejail

When Firefox is running in Firejail with the provided default config, the Gtk file picker dialogs do not remember sort order even when Firefox was not restarted between opening two dialogs. I tried ...
allo's user avatar
allo
  • 1,158
2 votes
0 answers
1k views

Firejail and chrome: limiting RAM useage

Long story short, I have a consistent memory leak coming from somewhere. I'm thinking that it's my browser. So I've tried using firejail to limit the memory as follows: firejail --rlimit-as=8048576000 ...
Anton's user avatar
Anton
  • 191
0 votes
1 answer
673 views

How do I create a SINGLE symbolic link for Firejail, in Ubuntu/Fedora/CentOS?

Firecfg will configure all symbolic links at once, but how do I create a single symbolic link to firejail a specific application that isn't securely preconfigured by for example, SELinux?
Boja's user avatar
Boja
  • 23
1 vote
0 answers
801 views

How does firejail build its default blacklist?

When I start firejail, i see my complete home directory. When I start firejail --whitelist=~/something, i see only something in my home. Now i would like to restrict more access to the system. I can ...
allo's user avatar
allo
  • 1,158
1 vote
0 answers
434 views

DNS not working in firejail

I try to make a test ssh firejail user for testing downloaded files. But the name lookup for my setup is not working. /etc/passwd: UserName:x:9999:9999:,,,:/home/UserName:/usr/bin/firejail /etc/...
FrankStein's user avatar
FrankStein
  • 104
0 votes
1 answer
3k views

redirect traffic from bridge to http proxy

If I create a new instance of an ethernet bridge: # brctl addbr br1 # ip link set dev br1 up # ip addr add 10.100.100.1/24 dev br1 Start tinyproxy listening on localhost on its default port 8888: # ...
user5321531's user avatar
user5321531
  • 151
6 votes
2 answers
3k views

Is it expected that firejail allows R/W outside of the sandbox without "--overlay" flag?

Just installed firejail on Ubuntu 16.04 (version 0.9.38) and according to this linux-magazine article, by default it should make R/O the entire filesystem: The programs in the sandbox have only ...
Emanuele's user avatar
Emanuele
  • 751
4 votes
2 answers
6k views

How to create a Tor-only network interface suitable for Firejail?

The well-known but unsafe method is to use torify. It is unsafe because we ask an application to use Tor, not force it. If the application misbehaves or is being exploided by a bug, it will still ...
VasyaNovikov's user avatar
VasyaNovikov
  • 3,546