Sandbox: A security technique in which you can run an untrusted or doubtful (testing / beta mode) application in an isolated environment in order to protect your core system.Sandbox gives these untrusted/unverified application in separate storage network memory resources in order to perform tasks. In this way you can run an application without taking headache of security breaches of your system.The process is called sandboxing or jailing.
Firejail is a SUID sandbox
program that reduces the risk of security breaches by restricting the
running environment of untrusted applications using Linux namespaces,
seccomp-bpf and Linux capabilities. It uses the Linux inbuilt features like Namespaces, seccomp-bpf. It can be implemented with SE Linux. It has features like run an application with internet restriction. It reduces the security risks from attackers who can target your system by accessing the system via application's loop holes.
How to install Firejail : To install firejail in any Linux distro , use the native package manager command to install it. Firejail is included in Alpine, ALT Linux, Arch, Chakra, Debian, Deepin,
Devuan, Fedora, Gentoo, Manjaro, Mint, NixOS, Parabola, Parrot,
PCLinuxOS, ROSA, Solus, Slackware/SlackBuilds, Trisquel, Ubuntu, Void
and possibly others. Ubuntu/Debian & Arch examples are below.
Ubuntu/Debian
On Ubuntu 18.04 LTS users are advised to use the PPA
sudo add-apt-repository ppa:deki/firejail
sudo apt-get update
sudo apt-get update
sudo apt-get install firejail
sudo firecfg
sudo apparmor_parser -r /etc/apparmor.d/firejail-default
sudo firecfg
sudo apparmor_parser -r /etc/apparmor.d/firejail-default
For Arch Linux
- Install the package
sudo pacman -S firejail
sudo firecfg
sudo apparmor_parser -r /etc/apparmor.d/firejail-default
From Source Code : You can install the firejail by compiling it from your system & install it.Below are the commands to compile the source code & install the firejail.
$ git clone https://github.com/netblue30/firejail.git$ cd firejail
$ ./configure && make && sudo make install-strip
For Debian you
also
need to install below packages to compile the firejail
$ sudo apt-get install git build-essential libapparmor-dev pkg-config
Run An Application in Firejail
firejail "Application_Name"
Example : firejail firefox
Disable The internet for an application
firejail --net=none ping google.com
Graphical Windows : You can install the graphical interface launcher for firejail. Run below command to install it.
sudo apt-get install firetools
run launcher by command
firetools
Sharing is Caring 😊
0 Comments