Enhanced Security
Firejail provides a layer of security by sandboxing applications, which limits their access to system resources and data, thereby reducing the potential impact of vulnerabilities and attacks.
Easy Configuration
Firejail offers simple command-line options and predefined profiles for common applications, making it relatively easy to set up and use even for users with limited technical expertise.
Lightweight
The software operates with minimal overhead compared to other virtualization solutions, helping maintain system performance while enhancing security.
Wide Compatibility
Firejail supports a broad range of Linux distributions and is compatible with many popular Linux applications, making it a versatile tool for enhancing security across different environments.
Open Source
As an open-source project, Firejail benefits from community collaboration and transparency, allowing users to audit and contribute to its codebase.
We have collected here some useful links to help you find out if Firejail is good.
Check the traffic stats of Firejail on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreoever, check the traffic sources. For example "Direct" traffic is a good sign.
Check the "Domain Rating" of Firejail on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of Firejail's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of Firejail on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about Firejail on Reddit. This can help you find out how popualr the product is and what people think about it.
I've done some experimenting with running a local model with ollama and claude code connecting to it and having both in a firejail: https://firejail.wordpress.com/. - Source: Hacker News / 4 months ago
Have you tried Firejail security sandbox: https://firejail.wordpress.com/. - Source: Hacker News / about 2 years ago
Firejail can also be a useful option, though no good if you're on Mac https://firejail.wordpress.com/ Uses the same Linux primitives as docker etc, but can be a bit more ergonomic for this use case. - Source: Hacker News / almost 3 years ago
You can find more info on its world-press website: https://firejail.wordpress.com/. Source: about 3 years ago
Try running your Wine app through something like Firejail. Source: over 3 years ago
Firejail is a program that helps to improve the security of your system by creating a restricted environment for running non-trusted applications. It does this using Linux namespaces, seccomp-bpf, and Linux capabilities, and is easy to use thanks to its setuid sandbox feature. Source: over 3 years ago
Sorry, missed "avoid having libs on local machie". Someone mentioned chroot. That's good! Also maybe firejail. I also use x11-docker. Source: over 3 years ago
Sandboxing by default is great, but you can also sandbox appimages using firejail. Source: almost 4 years ago
Firejail is a good option (though not the only one) for sandboxing applications. Source: almost 4 years ago
Maybe firejail might help? https://firejail.wordpress.com/. Source: almost 4 years ago
I am just its (mostly happy) user. I wrote that rule on my phone so you are right, it is not complete. On the other hand raw sockets require CAP_NET_RAW capability which is often assigned to root only so running a capability-untreated binary as an unprivileged user should not allow any raw socket ops (ping often uses file capabilities or setuid root). AFAIK it requires root to load/reload profiles. And that is... - Source: Hacker News / about 4 years ago
Could the CLI tool be combined with something like firejail [1] to solve the filesystem blindspot issue? [1] https://firejail.wordpress.com/. - Source: Hacker News / about 4 years ago
> I like Android's system of per-app uid/gid. But AFAIK it's not implemented by any mainstream Linux kernel or distro. You can create users manually for each app. For GUI apps, https://firejail.wordpress.com/. - Source: Hacker News / about 4 years ago
Strong sandboxing solution such as that found in macOS, ChromeOS, and Android. Commonly used Linux sandboxing solutions such as Flatpak and Firejail still have a long way to go. Source: about 4 years ago
Use some sandbox application like firejail. Source: about 4 years ago
Firejail to isolate applications within the same user account. Tmux to have detachable multiple windows and multiple panes in the terminal. Jq to parse JSON. q to run SQL queries on CSV files. Yt-dlp to download videos from everywhere. Ncdu to visualize and explore disk usage. Htop to monitor processes and resources. Source: over 4 years ago
Or download Firefox v97 and Sandbox it myself with Firejail. I get the latest Firefox, but I hear very mixed reviews on Firejail. Anything from it's perfect and easy to use, to it froze and crashed my whole system. Source: over 4 years ago
For #1, I'm not great at security. I just learned that firejail exists. Can limit the environment that programs see, like not having access to your actual /home/username/. You could maybe get it to work with something like --private=/path/to/minecraft/ so it thinks only those files exist. Source: over 4 years ago
Use firejail or other sandboxing solutions. Source: over 4 years ago
I do use Firejail (unrelated to Firefox: https://firejail.wordpress.com/), but always have and it's never been an issue with browser instances in the past. I've confirmed there's no interference by running the non-firejailed binary directly with /bin/firefox. Source: over 4 years ago
You can use firejail to run the program. See their github. Source: over 4 years ago
Do you know an article comparing Firejail to other products?
Suggest a link to a post with product alternatives.
Is Firejail good? This is an informative page that will help you find out. Moreover, you can review and discuss Firejail here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.