On Mon, Apr 28, 2025, at 3:54 PM, gfp wrote: > does anybody use firejail? what experiences do you have?
I experimented with firejail (not on Guix) several years ago. I found it not to have been written with anything like the level of software engineering rigor required of security critical programs. I wasn't curious enough to put a PoC exploit together, but I'm pretty sure it could, at the time, have easily been exploited: not just to escape the sandboxing but to gain root privileges. Unless something major has changed since I would strongly discourage using it at all. zw
