Firejail  is  a  SUID sandbox program that reduces the risk of security
breaches by restricting the running environment of  untrusted  applications
using Linux namespaces and seccomp-bpf. It includes sandbox profiles for
Iceweasel/Mozilla Firefox, Chromium, Midori, Opera, Evince, Transmission,
VLC, Audoacious, Clementine, Rhythmbox, Totem, Deluge and qBittorrent.

Firejail also expands the restricted shell facility found  in  bash  by adding 
Linux  namespace support. It supports sandboxing specific users upon login.

Download: http://sourceforge.net/projects/firejail/files/
Build and install: ./configure && make && sudo make install
Documentation and support: http://firejail.sourceforge.net
License: GPL v2

Firejail Authors:

netblue30 (netblue30@yahoo.com)
Peter Millerchip (https://github.com/pmillerchip)
	- memory allocation fix
	- --private.keep to --private-home transition
	- support for files and directories starting with ~ in blacklist option
	- support for files and directories with spaces in blacklist option
	- lots of other fixes
Patrick Toomey (http://sourceforge.net/u/ptoomey/profile/)
	- user namespace implementation
Reiner Herrmann - a number of build patches, man page fixes, Debian integration
sshirokov (http://sourceforge.net/u/yshirokov/profile/)
	- Patch to output "Reading profile" to stderr instead of stdout
Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
	- src/lib/libnetlink.c extracted from iproute2 software package
G4JC (http://sourceforge.net/u/gaming4jc/profile/)
	- ARM support
dewbasaur (https://github.com/dewbasaur)
	- block access to history files
	- Firefox PDF.js exploit (CVE-2015-4495) fixes
Michael Haas (https://github.com/mhaas)
	- bugfixes
mjudtmann (https://github.com/mjudtmann)
	- lock firejail configuration in disable-mgmt.inc

Copyright (C) 2014, 2015 Firejail Authors