1. Disable /dev/tcp in bash. Compiled time: --enable-net-redirections, --disable-net-redirections ksh and zsh seem to have it. Tests: a) cat /dev/tcp/www.google.com/80 echo -e "GET / HTTP/1.1\r\nhost: http://www.google.com\r\nConnection: close\r\n\r\n" >&3 cat <&3 c) A list of attacks http://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/ 2. SELinux integration Firefox selinux disabled (RedHat): http://danwalsh.livejournal.com/72697.html Firefox selinux enabled (Gentoo hardened): http://blog.siphos.be/2015/08/why-we-do-confine-firefox/ "desktops are notoriously difficult to use a mandatory access control system on" 3. abstract unix socket bridge, example for ibus: before the sandbox is started socat UNIX-LISTEN:/tmp/mysoc,fork ABSTRACT-CONNECT:/tmp/dbus-awBoQTCc & in sandbox socat ABSTRACT-LISTEN:/tmp/dbus-awBoQTCc,fork UNIX-CONNECT:/tmp/mysock 5. add support for --ip, --iprange, --mac and --mtu for --interface option 6. --shutdown does not clear sandboxes started with --join 7. profile for okular 8. profile for dillo Also, in dillo open a directory (file:///etc), when the browser window is closed the sandbox still remains active. This is probably a dillo problem. 9. --force sandbox in a overlayfs sandbox $ sudo firejail --overlay # su netblue $ xterm & $ firejail --force --private Parent pid 77, child pid 78 Warning: failed to unmount /sys Warning: cannot mount a new user namespace, going forward without it... Child process initialized Try to join the forced sandbox in xterm window: $ firejail --join=77 Switching to pid 78, the first child process inside the sandbox Warning: seccomp file not found Warning: seccomp disabled, it requires a Linux kernel version 3.5 or newer. $ ls ~ <----------------- all files are available, the directory is not empty! 10. Posibly capabilities broken for --join $ firejail --name=test ... $ firejail --debug --join=test Switching to pid 18591, the first child process inside the sandbox User namespace detected: /proc/18591/uid_map, 1000, 1000 Set caps filter 0 Set protocol filter: unix,inet,inet6 Read seccomp filter, size 792 bytes However, in the join sandbox we have: $ cat /proc/self/status | grep Cap CapInh: 0000000000000000 CapPrm: 0000000000000000 CapEff: 0000000000000000 CapBnd: 0000003fffffffff CapAmb: 0000000000000000 11. check seccomp on Docker: https://docs.docker.com/engine/security/seccomp/ Seccomp lists: https://github.com/torvalds/linux/blob/1e75a9f34a5ed5902707fb74b468356c55142b71/arch/x86/entry/syscalls/syscall_64.tbl https://github.com/torvalds/linux/blob/1e75a9f34a5ed5902707fb74b468356c55142b71/arch/x86/entry/syscalls/syscall_32.tbl 12. check for --chroot why .config/pulse dir is not created 13. print error line number for profile files in profile_check_line() 14. make rpms problems $ firejail --version firejail version 0.9.40 User namespace support is disabled. $ rpmlint firejail-0.9.40-1.x86_64.rpm firejail.x86_64: E: no-changelogname-tag firejail.x86_64: W: unstripped-binary-or-object /usr/lib64/firejail/libtracelog.so firejail.x86_64: W: unstripped-binary-or-object /usr/lib64/firejail/libtrace.so firejail.x86_64: E: missing-call-to-setgroups /usr/lib64/firejail/libtrace.so firejail.x86_64: W: conffile-without-noreplace-flag /etc/firejail/google-play-music-desktop-player.profile firejail.x86_64: W: conffile-without-noreplace-flag /etc/firejail/rtorrent.profi $ rpmlint firejail-0.9.40-1.src.rpm firejail.src: E: no-changelogname-tag firejail.src: W: invalid-url Source0: https://github.com/netblue30/firejail/archive/0.9.40.tar.gz#/firejail-0.9.40.tar.gz HTTP Error 404: Not Found 1 packages and 0 specfiles checked; 1 errors, 1 warnings. 15. bug: capabiliteis declared on the command line take precedence over caps declared in profiles $ firejail --caps.keep=chown,net_bind_service src/faudit/faudit Reading profile /etc/firejail/default.profile Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-passwdmgr.inc ** Note: you can use --noprofile to disable default.profile ** Parent pid 6872, child pid 6873 Child process initialized ----- Firejail Audit: the Good, the Bad and the Ugly ----- GOOD: Process PID 2, running in a PID namespace Container/sandbox: firejail GOOD: all capabilities are disabled Parent is shutting down, bye... 16. Sound devices: /dev/snd /dev/snd/pcmC0D0 -> /dev/audio0 (/dev/audio) -> minor 4 /dev/snd/pcmC0D0 -> /dev/dsp0 (/dev/dsp) -> minor 3 /dev/snd/pcmC0D1 -> /dev/adsp0 (/dev/adsp) -> minor 12 /dev/snd/pcmC1D0 -> /dev/audio1 -> minor 4+16 = 20 /dev/snd/pcmC1D0 -> /dev/dsp1 -> minor 3+16 = 19 /dev/snd/pcmC1D1 -> /dev/adsp1 -> minor 12+16 = 28 /dev/snd/pcmC2D0 -> /dev/audio2 -> minor 4+32 = 36 /dev/snd/pcmC2D0 -> /dev/dsp2 -> minor 3+32 = 35 /dev/snd/pcmC2D1 -> /dev/adsp2 -> minor 12+32 = 44 17. test 3d acceleration $ lspci -nn | grep VGA # apt-get install mesa-utils $ glxinfo | grep rendering The output should be: direct rendering: Yes $ glxinfo | grep "renderer string" OpenGL renderer string: Gallium 0.4 on AMD KAVERI glxgears stuck to 60fps may be due to VSync signal synchronization. To disable Vsync $ vblank_mode=0 glxgears 18. Bring in nvidia drives in private-dev /dev/nvidia[0-9], /dev/nvidiactl, /dev/nvidia-modset and /dev/nvidia-uvm 19. testing snaps Install firejail from official repository sudo apt-get install firejail Check firejail version firejail --version Above command outputs: firejail version 0.9.38 Search the snap 'ubuntu clock' application sudo snap find ubuntu-clock-app Install 'ubuntu clock' application using snap sudo snap install ubuntu-clock-app Ubuntu snap packages are installed in /snap/// directory and can be executed from /snap/bin/ cd /snap/bin/ ls -l Note: We see application name is: ubuntu-clock-app.clock Run application /snap/bin/ubuntu-clock-app.clock Note: Application starts-up without a problem and clock is displayed. Close application using mouse. Now try to firejail the application. firejail /snap/bin/ubuntu-clock-app.clock -------- Error message -------- Reading profile /etc/firejail/generic.profile Reading profile /etc/firejail/disable-mgmt.inc Reading profile /etc/firejail/disable-secret.inc Reading profile /etc/firejail/disable-common.inc ** Note: you can use --noprofile to disable generic.profile ** Parent pid 3770, child pid 3771 Child process initialized need to run as root or suid parent is shutting down, bye... -------- End of Error message -------- Try running as root as message instructs. sudo firejail /snap/bin/ubuntu-clock-app.clock extract env for process ps e -p | sed 's/ /\n/g' 20. check default disable - from grsecurity GRKERNSEC_HIDESYM /proc/kallsyms and other files GRKERNSEC_PROC_USER If you say Y here, non-root users will only be able to view their own processes, and restricts them from viewing network-related information, and viewing kernel symbol and module information. GRKERNSEC_PROC_ADD If you say Y here, additional restrictions will be placed on /proc that keep normal users from viewing device information and slabinfo information that could be useful for exploits. 21. Core Infrastructure Initiative (CII) Best Practices Proposal Someone closely involved with the project could go thought the criteria and keep them up-to-date. References https://bestpractices.coreinfrastructure.org https://twit.tv/shows/floss-weekly/episodes/389 22. add support for read-write and noexec to Firetools 23. AppArmor $ sudo apt-get install apparmor apparmor-profiles apparmor-utils apparmor-notify $ sudo apt-get install libapparmor-dev $ sudo perl -pi -e 's,GRUB_CMDLINE_LINUX="(.*)"$,GRUB_CMDLINE_LINUX="$1 apparmor=1 security=apparmor",' /etc/default/grub $ sudo update-grub $ sudo reboot If you are using auditd, start aa-notify to get notification whenever a program causes a DENIED message. $ sudo aa-notify -p -f /var/log/audit/audit.log $ sudo cat /sys/kernel/security/apparmor/profiles | grep firejail firejail-default (enforce) 24. check monitor proc behaviour for sandboxes with --blacklist=/proc also check --apparmor in this case 25. fix firemon and firetools on systems with hidepid=2 sudo mount -o remount,rw,hidepid=2 /proc 26. mupdf profile 27. LUKS dm-crypt+LUKS – dm-crypt is a transparent disk encryption subsystem in Linux kernel v2.6+ and later and DragonFly BSD. It can encrypt whole disks, removable media, partitions, software RAID volumes, logical volumes, and files. 28. add support for whitelisting /mtn