You are not logged in.
Pages: 1
11 months ago, the Alpine Linux team withdrew firejail from their repositories, citing security concerns with it:
This looks like it was a sudden thing, and is a little annoying because the suggested Bubblejail replacement is not working properly for me (Alpine v3.15.4; not edge).
Does anyone know if it is likely to vanish from Debian/Devuan for similar reasons? If so, is there/will there be a good, KISS, easy-to-use alternative?
Last edited by dvnUsr (2022-04-21 01:19:01)
Offline
You might possibly enjoy overlay-boot in Devuan's experimental repository.
It's a couple of scripts using unshare for namespace separation.
Add the following line to your sources.list for installing it
deb http://pkgmaster.devuan.org/devuan experimental main
Offline
if it is likely to vanish from Debian/Devuan for similar reasons?
I wouldn't think so. Alpine place considerably more emphasis on security than Debian — they don't even apply the unprivileged user namespaces sysctl patch to their kernel, unlike Debian.
To obtain a root shell use su -. Using just su will result in "command not found" messages.
Offline
firejail from my experience has been pretty good. Issue is when you start running untrusted programs and required to hash out seccomp for hardware and/or syscall access. Along with other security settings that otherwise would make it pretty solid choice.
Last edited by czeekaj (2022-05-28 17:39:41)
Offline
Pages: 1