It's working really great and it is fast too.
Download bundle here
Then you can start applications like
Code: Select all
firejail --user=alpha icecat
or
Code: Select all
su -c "firejail firefox" alpha
Works for tor-browser as well
Code: Select all
su -c "firejail --profile=/etc/firejail/firejail.profile tor-browser-en" alpha
read more about it at
https://firejail.wordpress.com/
Can be added seamless as desktop integration if PATH is setup to look
in /usr/local/bin before /usr/bin. Only caveat is you have to run it as user alpha
Try for icecat with
Code: Select all
> PATH="/usr/local/bin:$PATH"
> ln -s /usr/bin/firejail /usr/local/bin/icecat
> su alpha
> icecat
running as root could also be fixed with commenting out noroot option in /etc/firejail/firefox.profile
but I really like that feature that prevents an attacker to gain root in that sandbox.
then it would be
Code: Select all
> PATH="/usr/local/bin:$PATH"
> ln -s /usr/bin/firejail /usr/local/bin/icecat
> sed -i 's/^noroot/#noroot/' /etc/firejail/firefox.profile
> icecat