Projects / Firejail


Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces. It currently implements hostname, filesystem, PID, IPC, and networking stack isolation, and it runs on any recent Linux system. It includes a sandbox profile for Mozilla Firefox. Firejail also expands the restricted shell facility found in bash by adding Linux namespace support. It supports sandboxing specific users upon login. The software also includes a small monitoring utility, firemon.

Operating Systems

Recent releases

  •  09 Jun 2014 10:47

    Release Notes: This release adds support for running servers, zsh and csh shells, and a number of fixes to chroot and private mode.

    •  05 May 2014 11:55

      Release Notes: This release fixes network connectivity problems for Ubuntu and Debian systems, fixes /run directory and following symlinks in profile files, and it adds Evince and Midori sandbox profiles.

      •  28 Apr 2014 12:47

        Release Notes: This version brings in support for multiple network devices, a --noip option necessary for DHCP setups, a default gateway option, syslog support, tmpfs and read-only profile commands, bash completion, and a number of bugfixes.

        •  16 Apr 2014 14:37

          Release Notes: This is the first Firejail release.


          Project Spotlight


          A Fluent OpenStack client API for Java.


          Project Spotlight

          TurnKey TWiki Appliance

          A TWiki appliance that is easy to use and lightweight.