diff options
author | netblue30 <netblue30@yahoo.com> | 2015-08-08 19:58:41 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-08-08 19:58:41 -0400 |
commit | 9417a66fd11eedf108b2acf040399d012b12a994 (patch) | |
tree | 2d5f938be53ef61b15388e7a428c1affb0c0c5f3 /README.md | |
parent | description (diff) | |
download | firejail-9417a66fd11eedf108b2acf040399d012b12a994.tar.gz firejail-9417a66fd11eedf108b2acf040399d012b12a994.tar.zst firejail-9417a66fd11eedf108b2acf040399d012b12a994.zip |
description
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -1,3 +1,6 @@ | |||
1 | Firejail | ||
2 | ==== | ||
3 | |||
1 | Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. Firejail can work in a SELinux or AppArmor environment, and it is integrated with Linux Control Groups. | 4 | Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table. Firejail can work in a SELinux or AppArmor environment, and it is integrated with Linux Control Groups. |
2 | 5 | ||
3 | Written in C with virtually no dependencies, the software runs on any Linux computer with a 3.x kernel version or newer. It can sandbox any type of processes: servers, graphical applications, and even user login sessions. The software includes sandbox profiles for a number of more common Linux programs, such as Mozilla Firefox, Chromium, VLC, Transmission etc. | 6 | Written in C with virtually no dependencies, the software runs on any Linux computer with a 3.x kernel version or newer. It can sandbox any type of processes: servers, graphical applications, and even user login sessions. The software includes sandbox profiles for a number of more common Linux programs, such as Mozilla Firefox, Chromium, VLC, Transmission etc. |