wok annotate firejail/description.txt @ rev 24676
updated iptstate (2.2.6 -> 2.2.7)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Sat Mar 12 08:53:57 2022 +0100 (2022-03-12) |
| parents | |
| children |
| rev | line source |
|---|---|
| Hans-G?nter@24550 | 1 Firejail is a SUID program that reduces the risk of security breaches |
| Hans-G?nter@24550 | 2 by restricting the running environment of untrusted applications using |
| Hans-G?nter@24550 | 3 Linux namespaces and seccomp-bpf. |
| Hans-G?nter@24550 | 4 It allows a process and all its descendants to have their own private |
| Hans-G?nter@24550 | 5 view of the globally shared kernel resources, such as the network stack, |
| Hans-G?nter@24550 | 6 process table, mount table. |
| Hans-G?nter@24550 | 7 |
| Hans-G?nter@24550 | 8 Written in C with virtually no dependencies, the software runs on any |
| Hans-G?nter@24550 | 9 Linux computer with a 3.x kernel version or newer. |
| Hans-G?nter@24550 | 10 The sandbox is lightweight, the overhead is low. |
| Hans-G?nter@24550 | 11 There are no complicated configuration files to edit, no socket |
| Hans-G?nter@24550 | 12 connections open, no daemons running in the background. |
| Hans-G?nter@24550 | 13 All security features are implemented directly in Linux kernel and |
| Hans-G?nter@24550 | 14 available on any Linux computer. |