I had a discussion on another site about Firejail being secure and they led me to this GitHub page: https://github.com/netblue30/firejail/issues/3046
So any information that said FJ has major security holes in it are outdated.
Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.
So Firejail really is secure.
Started by
SuperSapien64
, Nov 02 2023 06:09 PM
4 replies to this topic
#1
SuperSapien64
-
- Members
- 2,479 posts
- OFFLINE
- Gender:Male
- Local time:06:04 AM
Back to top
#2
The-Toolman
-
- Members
- 3,599 posts
- OFFLINE
- Gender:Male
- Location:USA
- Local time:06:04 AM
Posted 03 November 2023 - 05:52 AM
Firejail adds an additional layer of security.
Last year we said, "Things can't go on like this", and they didn't, they got worse.
[Will Rogers]
There are two theories to arguing with a woman. Neither works.
[Will Rogers]
#3
SuperSapien64
- Topic Starter
-
- Members
- 2,479 posts
- OFFLINE
- Gender:Male
- Local time:06:04 AM
Posted 04 November 2023 - 12:30 PM
Yep and down the road they'll be adding support for Landlock: https://www.phoronix.com/news/Landlock-Networking-Linux-6.7
Avatar/Icon by https://www.deviantart.com/dablim/gallery
#4
Lumios64
-
- Members
- 12 posts
- OFFLINE
- Gender:Male
- Local time:12:04 PM
Posted 06 November 2023 - 11:29 AM
Firejail forces any app to be sandboxed which does prevent problems if it could potentially be malware, vulnerable or a web browser.
With that said, it is not a complete replacement for common sense since Virtual Box, which sandboxes an entire OS rather than individual software, has had leaks from very sophisticated malware in the past and it is entirely possible Firejail has exploits unknown to most people. This is what happened with Java through log4j, it existed since 2013, but has since gone public in 2021.
All in all, using Firejail as another layer of security is perfectly fine, but as someone who is very prudent I would not personally run software under it if I know well it is infected with malware even if Firejail could prevent the malware from causing damage. It is better to be careful than sorry.
#5
SuperSapien64
- Topic Starter
-
- Members
- 2,479 posts
- OFFLINE
- Gender:Male
- Local time:06:04 AM
Posted 06 November 2023 - 06:42 PM
Firejail forces any app to be sandboxed which does prevent problems if it could potentially be malware, vulnerable or a web browser.
With that said, it is not a complete replacement for common sense since Virtual Box, which sandboxes an entire OS rather than individual software, has had leaks from very sophisticated malware in the past and it is entirely possible Firejail has exploits unknown to most people. This is what happened with Java through log4j, it existed since 2013, but has since gone public in 2021.
All in all, using Firejail as another layer of security is perfectly fine, but as someone who is very prudent I would not personally run software under it if I know well it is infected with malware even if Firejail could prevent the malware from causing damage. It is better to be careful than sorry.
Besides FJ I also use NoScript, Ublock Origin I also have UFW enabled plus I surf the web from a non-admin account.
Avatar/Icon by https://www.deviantart.com/dablim/gallery
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
