Firejail  is  a  SUID sandbox program that reduces the risk of security
breaches by restricting the running environment of  untrusted  applications
using Linux namespaces and seccomp-bpf. It includes sandbox profiles for
Iceweasel/Mozilla Firefox, Chromium, Midori, Opera, Evince, Transmission,
VLC, Audoacious, Clementine, Rhythmbox, Totem, Deluge, qBittorrent.
DeaDBeeF, Dropbox, Empathy, FileZilla, IceCat, Thunderbird/Icedove,
Pidgin, Quassel and XChat.

Firejail also expands the restricted shell facility found  in  bash  by adding 
Linux  namespace support. It supports sandboxing specific users upon login.

Download: http://sourceforge.net/projects/firejail/files/
Build and install: ./configure && make && sudo make install
Documentation and support: https://firejail.wordpress.com/
Development: https://github.com/netblue30/firejail
License: GPL v2

Firejail Authors:

netblue30 (netblue30@yahoo.com)
curiosity-seeker (https://github.com/curiosity-seeker)
    - tightening unbound and dnscrypt-proxy profiles
    - dnsmasq profile
    - okular and gwenview profiles
Matthew Gyurgyik (https://github.com/pyther)
	- rpm spec and several fixes
Joan Figueras (https://github.com/figue)
	- added abrowser profile
	- added Google-Play-Music-Desktop-Player
Fred-Barclay (https://github.com/Fred-Barclay)
	- added Vivaldi, Atril profiles
	- added PaleMoon profile
	- split Icedove and Thunderbird profiles
	- added 0ad profile
	- fixed version for .deb packages
	- added Warzone2100 profile
	- blacklisted VeraCrypt
	- added Gpredict profile
	- added Aweather, Stellarium profiles
avoidr (https://github.com/avoidr)
	- whitelist fix
	- recently-used.xbel fix
	- added parole profile
	- blacklist ncat, manpage fixes,
	- hostname support in profile file
	- Google Chrome profile rework
	- added cmus profile
	- man page fixes
	- add net iface support in profile files
	- paths fix
	- lots of profile fixes
Petter Reinholdtsen (pere@hungry.com)
	- Opera profile patch
n1trux (https://github.com/n1trux)
	- fix flashpeak-slimjet profile typos
Felipe Barriga Richards (https://github.com/fbarriga)
	- --private-etc fix
Alexander Stein (https://github.com/ajstein)
	- added profile for qutebrowser
Benjamin Kampmann (https://github.com/ligthyear)
	- Forward exit code from child process
dshmgh (https://github.com/dshmgh)
	- overlayfs fix for systems with /home mounted on a separate partition
yumkam (https://github.com/yumkam)
	- add compile-time option to restrict --net= to root only
	- man page fixes
Vasya Novikov (https://github.com/vn971)
	- Wesnoth profile
	- Hedegewars profile
	- manpage fixes
mahdi1234 (https://github.com/mahdi1234)
	- cherrytree profile
jrabe (https://github.com/jrabe)
	- disallow access to kdbx files
	- Epiphany profile
	- Polari profile
	- qTox profile
	- X11 fixes
jgriffiths (https://github.com/jgriffiths)
	- make rpm packages support
Tom Mellor (https://github.com/kalegrill)
	- mupen64plus profile
Martin Carpenter (https://github.com/mcarpenter)
	- security audit and bug fixes
	- Centos 6.x support
Aleksey Manevich (https://github.com/manevich)
	- several profile fixes
	- fix problem with relative path in storage_find function
	- fix build for systems without bash
pszxzsd (https://github.com/pszxzsd)
	-uGet profile
Rahiel Kasim (https://github.com/rahiel)
	- Mathematica profile
creideiki (https://github.com/creideiki)
	- make the sandbox process reap all children
sinkuu (https://github.com/sinkuu)
	- blacklisting kwalletd
	- fix symlink invocation for programs placing symlinks in $PATH
Bader Zaidan (https://github.com/BaderSZ)
	- Telegram profile
Holger Heinz (https://github.com/hheinz)
	- manpage work
Andrey Alekseenko (https://github.com/al42and)
	- fixing lintian warnings
mahdi1234 (https://github.com/mahdi1234)
	- Seamonkey profiles
Ivan Kozik (https://github.com/ivan)
	- speed up sandbox exit
Christian Stadelmann (https://github.com/genodeftest)
	- profile fixes
pirate486743186 (https://github.com/pirate486743186)
	- KMail profile
Kaan Genç (https://github.com/SeriousBug)
	- dynamic allocation of noblacklist buffer
Veeti Paananen (https://github.com/veeti)
	- fixed Spotify profile
Rahiel Kasim (https://github.com/rahiel)
	- whitelist keysnail config for firefox
Peter Hogg (https://github.com/pigmonkey)
	- WeeChat profile
	- rtorrent profile
rogshdo (https://github.com/rogshdo)
	- BitlBee profile
Bruno Nova (https://github.com/brunonova)
	- whitelist fix
	- bash arguments fix
Matt Parnell (https://github.com/ilikenwf)
	- whitelisting for core firefox related functionality
Andrey Alekseenko (https://github.com/al42and)
	- fixed Skype profile
Ondra Nekola (https://github.com/satai)
	- allow firefox theming with non-global themes
emacsomancer (https://github.com/emacsomancer)
	- added profile for Conkeror browser
Daan Bakker (https://github.com/dbakker)
	- protect shell startup files
Duncan Overbruck (https://github.com/Duncaen)
	- musl libc fix
	- utmp fix
andrew160 (https://github.com/andrew160)
	- profile and man pages fixes
Loïc Damien (https://github.com/dzamlo)
	- small fixes
greigdp (https://github.com/greigdp)
	- add Spotify profile
Mattias Wadman (https://github.com/wader)
	- seccomp errno filter support
Peter Millerchip (https://github.com/pmillerchip)
	- memory allocation fix
	- --private.keep to --private-home transition
	- support for files and directories starting with ~ in blacklist option
	- support for files and directories with spaces in blacklist option
	- lots of other fixes
sarneaud (https://github.com/sarneaud)
	- rewrite globbing code to fix various minor issues
	- added noblacklist command for profile files
	- various enhancements and bug fixes
Patrick Toomey (http://sourceforge.net/u/ptoomey/profile/)
	- user namespace implementation
Reiner Herrmann
	- a number of build patches
	- man page fixes
	- Debian and Ubuntu integration
	- clang-analyzer fixes
	- Debian reproducible build
sshirokov (http://sourceforge.net/u/yshirokov/profile/)
	- Patch to output "Reading profile" to stderr instead of stdout
G4JC (http://sourceforge.net/u/gaming4jc/profile/)
	- ARM support
	- profile fixes
dewbasaur (https://github.com/dewbasaur)
	- block access to history files
	- Firefox PDF.js exploit (CVE-2015-4495) fixes
	- Steam profile
Michael Haas (https://github.com/mhaas)
	- bugfixes
mjudtmann (https://github.com/mjudtmann)
	- lock firejail configuration in disable-mgmt.inc
iiotx (https://github.com/iiotx)
	- use generic.profile by default
pstn (https://github.com/pstn)
	- added install-strip, make install without strip
Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
	- src/lib/libnetlink.c extracted from iproute2 software package
	
Copyright (C) 2014-2016 Firejail Authors