-
Notifications
You must be signed in to change notification settings - Fork 577
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
question: how can i sandbox a DE #1178
Comments
One easy way is to run it within a restricted login shell. Just keep in mind that anything you launch within that DE would then be jailed by the profile of the DE rather than the profile of the program. Why sandbox the entire DE? |
I also don't think it's a good idea. |
Make that three of us who don't think it's a good idea. 😉 Any profile that could jail a DE and still allow all your programmes to work would probably be a very weak profile. |
I would stay away, the profile will be too permissive. There is a /etc/firejail/openbox.profile, mainly used or x11=xephyr if you want something to start from if you build your own profile. |
how can i sandbox a desktu? (lxde/xfce) ?
just like a docker
The text was updated successfully, but these errors were encountered: