You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be better if orjail used bubblewrap instead which is similar to firejail but has minimal attack surface.
I can create a pull request that implements most of the same functionality as firejail but using bubblewrap instead if this is something you're interested in. The only things I don't know how to replicate with bubblewrap are the --dns=, --name= and --netns= options.
The text was updated successfully, but these errors were encountered:
Firejail has way too large attack surface that has led to many privilege escalations and sandbox escapes in the past.
It would be better if orjail used bubblewrap instead which is similar to firejail but has minimal attack surface.
I can create a pull request that implements most of the same functionality as firejail but using bubblewrap instead if this is something you're interested in. The only things I don't know how to replicate with bubblewrap are the
--dns=
,--name=
and--netns=
options.The text was updated successfully, but these errors were encountered: