Firejail Sandbox Firefox

 10 Apr 2021  Snippets

Firejail Sandbox Firefox

Install firejail and X11 utilities:

sudo apt install firejail xpra xserver-xephyr

Enable PulseAudio fixes:

firecfg --fix-sound

Prevent processes from escalating sandbox privileges:

nano /etc/firejail/firejail.config

# change the config option below in the above file

force-nonewprivs yes 

Take ownership of firejail executable as non-root user:

chown root:paramdeo /usr/bin/firejail

sudo chmod u+s /usr/bin/firejail

Run Firefox in firejail:

firejail --private firefox -no-remote

--private — restricts the folders that Firefox can interact with to Downloads, and uses a temporary default profile that is nuked on exit

-no-remote — allows sandboxed process to spawn independently of any existing open Firefox windows

Shell alias for ease of use:

alias jailfox="firejail --private firefox -no-remote"
Webmentions & Comments

Copyright © Paramdeo Singh. Built with Jekyll and ☕️ in Guyana. All Rights Reserved.

Last Site Build on Thu, 21 Oct 2021 17:49:44 -0400

1MB Club Badge

Paramdeo Singh Guyana

Riding the wave of consciousness in this treacherous mortal sea.

Technology Design Strategy Literature Personal Blogs