Package: firejail
Version: 0.9.56-2
Severity: normal

Dear Maintainer,

Firejail being a setuid executable provides regular users root powers to bypass system settings. I think it's a problem for an official Debian package to automatically grant regular users that much power without root having actively granted it (root might not fully appreciate the powers granted to regular users simply by installing this enhanced security package).

Perhaps Firejail could be installed by default without the SUID bit set, and leave it up to root to actively decide if they want to turn it on. Or, perhaps the default /etc/firejail/firejail.config should be set much more conservatively initially, with things like:

    restricted-network yes

Example: root sets up a system firewall (simple example here, block all outbound):

    # nft add table ip filter
    # nft add chain ip filter OUTPUT "{ type filter hook output priority 0; policy drop; }"

Regular user tries:

    $ wget http://www.google.com
    # fails, as expected due to firewall rules

    $ firejail --net=enp6s0 --noprofile wget http://www.google.com
    # works! regular user is able to bypass all system firewall rules

Thank you

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firejail depends on:
ii  libapparmor1  2.13.1-3+b1
ii  libc6         2.28-2

Versions of packages firejail recommends:
ii  firejail-profiles  0.9.56-2
ii  iproute2           4.18.0-2
ii  iptables           1.8.2-2+b1
ii  xauth              1:1.0.10-1
ii  xserver-xephyr     2:1.20.3-1

firejail suggests no packages.

-- no debconf information
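The report combines two conditions: a setuid firejail binary and a firejail.config that does not set restricted-network to yes. The audit script below is an added example, not part of this bug report and not code from the firejail project; it checks both conditions so an administrator can see whether their install is in the state the report describes. It takes the binary and config paths as arguments (the defaults /usr/bin/firejail and /etc/firejail/firejail.config are assumed, not read from the page), assumes that the last uncommented occurrence of a key in firejail.config is the effective one, and runs against constructed sample files so it can be tried without a firejail installation.

```shell
#!/bin/sh
# Added audit example; not part of the bug report or of the firejail project.
# Assumed defaults: binary /usr/bin/firejail, config /etc/firejail/firejail.config.
# Both are passed as arguments so the checks also run on the constructed samples below.

# Print the effective value of a firejail.config key. Comment lines are skipped
# and, by assumption, the last uncommented occurrence wins; "unset" if absent.
config_value() {
    awk -v key="$2" '
        /^[[:space:]]*#/ { next }
        $1 == key        { val = $2 }
        END              { print (val == "" ? "unset" : val) }
    ' "$1"
}

# Status 0 when restricted-network is explicitly "yes" (the setting the report proposes).
restricted_network_enabled() {
    [ "$(config_value "$1" restricted-network)" = "yes" ]
}

# Status 0 when the file carries the setuid bit (what lets non-root users use --net).
is_setuid() {
    [ -u "$1" ]
}

# Status 0 when the combination from the report is present: a setuid binary
# together with a config that does not limit networking features to root.
firewall_bypass_exposed() {
    is_setuid "$1" && ! restricted_network_enabled "$2"
}

# Human-readable summary for one binary/config pair; always returns 0.
audit_firejail() {
    bin="$1"; cfg="$2"
    printf 'binary %s setuid: ' "$bin"
    is_setuid "$bin" && echo yes || echo no
    printf 'restricted-network: %s\n' "$(config_value "$cfg" restricted-network)"
    if firewall_bypass_exposed "$bin" "$cfg"; then
        echo 'RESULT: unprivileged users can create --net sandboxes outside host firewall rules'
    else
        echo 'RESULT: networking features limited to root (or binary not setuid)'
    fi
    return 0
}

# --- constructed samples: stand-ins for the real files, created in a temp dir ---
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
SAMPLE_DEFAULT="$SAMPLE_DIR/default.config"
SAMPLE_HARDENED="$SAMPLE_DIR/hardened.config"
SAMPLE_BIN="$SAMPLE_DIR/firejail-stand-in"
SAMPLE_PLAIN="$SAMPLE_DIR/plain-file"

cat > "$SAMPLE_DEFAULT" <<'EOF'
# constructed sample: option present only as a commented-out default
# restricted-network no
EOF
cat > "$SAMPLE_HARDENED" <<'EOF'
# constructed sample: the conservative setting the report asks for
restricted-network yes
EOF
: > "$SAMPLE_BIN";   chmod u+s "$SAMPLE_BIN"   # setuid stand-in, owned by the caller
: > "$SAMPLE_PLAIN"                             # no setuid bit

echo '== setuid binary, default config =='
audit_firejail "$SAMPLE_BIN" "$SAMPLE_DEFAULT"
echo '== setuid binary, hardened config =='
audit_firejail "$SAMPLE_BIN" "$SAMPLE_HARDENED"
```

On a real Debian system the same summary is obtained with `audit_firejail /usr/bin/firejail /etc/firejail/firejail.config`. If the chosen remedy is dropping the SUID bit rather than changing the config, the Debian mechanism for keeping a mode change across package upgrades is dpkg-statoverride; a plain chmod is reverted by the next upgrade.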
Firejail being a setuid executable provides regular users root powers to bypass system settings. I think it's a problem for an official Debian package to automatically grant regular users that much power without root having actively granted it (root might not fully appreciate the powers granted to regular users simply by installing this enhanced security package). Perhaps Firejail could be installed by default without the SUID bit set, and leave it up to root to actively decide if they want to turn it on. Or, perhaps default /etc/firejail/firejail.config should be set much more conservatively initially, things like: restricted-network yes Example: root sets up system firewall (simple example here, block all outbound): # nft add table ip filter # nft add chain ip filter OUTPUT "{ type filter hook output priority 0; policy drop; }" regular user tries: $ wget http://www.google.com # fails, as expected due to firewall rules $ firejail --net=enp6s0 --noprofile wget http://www.google.com # works! regular user is able to bypass all system firewall rules Thank you -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages firejail depends on: ii libapparmor1 2.13.1-3+b1 ii libc6 2.28-2 Versions of packages firejail recommends: ii firejail-profiles 0.9.56-2 ii iproute2 4.18.0-2 ii iptables 1.8.2-2+b1 ii xauth 1:1.0.10-1 ii xserver-xephyr 2:1.20.3-1 firejail suggests no packages. -- no debconf information