Firejail A Namespace Separation Security Sandbox

Firejail A Namespace Separation Security Sandbox

​Linux distro is mostly loved for its security features. When we people want more security we use TOR and VPN. Today I am going to tell you about an application called Firejail that helps to protect your personal files via sandbox technique.
Firejail is a sandbox application built for Linux distros which uses the capabilities of Linux kernel to use namespace separation. In the simplest sense, apps launched through Firejail cannot access your personal files on your hard drive. Isn’t that cool? Cool and safe!Firejail is easy to setup and also very easy to use. You can go either by command line version or UI version. I have got both of them covered. Try anyone you like.

Download & Install Firejail

​Before downloading Firejail, let me make a thing clear. The command line version is simply Firejail while GUI version is covered under Firetools.​Open the command prompt and start hitting the commands.

There are certain files required in order for Firejail to work properly. Get them first and if already having them skip it.

Git and Compiler

sudo apt-get install git build-essential

QT5

sudo apt-get install build-essential qt5-default qt5-qmake qtbase5-dev-tools libqt5svg5 git
install firejail qt5

​Now let us install Firejail.
git clone https://github.com/netblue30/firejail.git
cd firejail
./configure && make && sudo make install-strip
​Firejail is now installed. You can skip next part if you are comfortable to use CLI version.To install GUI, enter commands below.
git clone https://github.com/netblue30/firetools
cd firetools
/configure –prefix=/usr && make && sudo make install
​Firetools is also installed now. You can find it in your list of applications, menu etc.
open firejail from applications menu

In case you want the GitHub link, here you have it. Firejail and Firetool on Github.

How to securely run applications with Firejail?

​Using firejail is very easy. As I told earlier, you can use firejail either ways i.e. via terminal or GUI.To launch firejail via command line, hit firejail in the terminal. You will see firejail is now running. To launch an application type firejail {app name}. Alternatively, you can use the second command directly.

how to run applications with firejail

​That’s it. Now you can launch apps using CLI interface. They will all work in sandbox mode.Now, if you want to use it through GUI mode read on.

You will find it in your menu. There will be two options. One will be setup and other will be the direct launcher.I will advise you to use setup version as I found it easy and detailed. Also, it will allow you to use your installed applications easily and offers navigation.

firejail gui interface on linux mint

​You can use a direct launcher if you are happy to stick with the direct launcher, It will show you pre selected apps. Double clicking them will launch and right click will allow more options.
firejail launcher plugin

​That’s the setup done. Now you can run the applications in sandbox mode and have more security and privacy. However, if you want to make it sure that apps cannot access your files I have included a snapshot below, which is of VLC launched through firejail.
browse files with firejail sandbox tool

​My personal files are stored on another partition which is accessible through media folder. As you can notice media folder is not present. Also to be sure I checked my drive was mounted.Go ahead, stay safer while running known or unknown applications.

Conclusion

​As throughout my whole use of Firejail, I find it quite useful. It is useful and good. At least some applications cannot damage my files. Many people will say it is less useful which I may agree, but its importance can’t be ignored.Firejail is continuously developed, updated and maintained which is really great.The developer supports multiple distros and keeps all of them updated. Being open sourced it is available on GitHub too which is more awesome.

I would love to have it on my system and will also advise you guys to try it out. I will also love to hear your comments on the applications. Make sure to drop a comment below.

Leave a Reply

Your email address will not be published. Required fields are marked *

linux system administration bootcamp