Option to discard modifications when sandbox is closed: 'firejail --private-home=.mozilla firefox' replaces > 'private.keep' option from 0.9.30-1 onwards - 'private-home' option is deprecated from 0.9.38-1. As far as I'm aware (correct me if I'm wrong) the only other options which discard modifications from 0.9.38-1, is the 'private' option which launches an unconfigured Firefox, or – the 'private-etc' option (which I haven't touched on yet)
I think you're right. AFAIK, there is nothing that truly replaces the now deprecated private-home option. Too bad
Yes, that truly sucks. Thanks for the info though. I guess I'll keep using the older version. I wonder why the ability was killed off.
I was actually aware of the security audit. Honestly, my main purpose for using FireJail wasn't for the added security anyway. I just liked the ability to use Firefox and drop any changes made when I close it. Unless someone can advise me that by running the older version of FireJail I have less security than running Linux without FireJail at all then I'll probably stick with the version that does what I want it to do.
But isn't that what the --private switch does? Regarding the security audit, we don't know what problems exactly were found. So I would be cautious - it's possible that an attacker could gain root rights. That's certainly not what you want
Yes, but remember this opens up a completely new, virgin session of the browser without extensions or plugins, as opposed to the pre-configured browser session that opens using the --private-home switch.
Yes, that's true. I don't know why netblue30 removed it. Perhaps because only a handful of Firejail users were willing to abstain from extension updates etc.
No need to miss extension updates, etc. I have one icon that opens Firefox normally and one that opens Firefox with FireJail. I can update things and keep them with the normal Firefox. Then I can open Firefox using my Firejailed Firefox icon and surf with my updated Firefox and then lose any other changes made when I close it.
Does anyone here use lastpass and firejail? The browser keep asking me for the 2FA code, even though I've "Trust this computer for 30 days" ticked. I'm already in talk with lastpass support and I wonder if firejail might be the problem?
It could be, depending on where lastpass' binaries and configuration files are located. Did you whitelist laspass on your firefox's firejail config or in any other firejail config?
Yes, it definitely is firejail's fault. I've tested without firejail and lastpass works ok. Now all I need to do is find out where the hell lastpass saves the config files for firefox..
Ok, so playing with firejail and firefox, I found out the following: - If I "Trust this computer for 30 days" in a non-firejailed firefox, it'll work once I open firefox firejailed; - If I "Trust this computer for 30 days" in a firejailed firefox, it will not work once I restart firefox; Any suggestions?
Sorry, I don't get it. The Lastpass directories/files are already whitelisted in the default Firefox profile in /etc/firejail. If you're using your own profile just add those entries to it.
How would I start firejail with the following command? LD_PRELOAD='/usr/$LIB/libstdc++.so.6 /usr/$LIB/libgcc_s.so.1 /usr/$LIB/libxcb.so.1 /usr/$LIB/libasound.so.2 '${LD_PRELOAD} /usr/bin/steam %U I need to make Steam run on firejail with this command, but this is what I get: Code: libGL error: unable to load driver: radeonsi_dri.so libGL error: driver pointer missing libGL error: failed to load driver: radeonsi libGL error: unable to load driver: swrast_dri.so libGL error: failed to load driver: swrast How I'm trying: Code: LD_PRELOAD='/usr/$LIB/libstdc++.so.6 /usr/$LIB/libgcc_s.so.1 /usr/$LIB/libxcb.so.1 /usr/$LIB/libasound.so.2 '${LD_PRELOAD} firejail steam I tried adding the following to the steam profile, but it didn't work. Code: noblacklist /usr/$LIB/libstdc++.so.6 noblacklist /usr/$LIB/libgcc_s.so.1 noblacklist /usr/$LIB/libxcb.so.1 noblacklist /usr/$LIB/libasound.so.2
Yes, I thought so. Though in my case there's no .lastpass folder. (Ubuntu 14.04). The fact that it doesn't work as it is supposed to, proves that something is wrong. Namely: - If I "Trust this computer for 30 days" in a non-firejailed firefox, it'll work once I open firefox firejailed; - If I "Trust this computer for 30 days" in a firejailed firefox, it will not work once I restart firefox;
I must admit that I'm confused. What does "Trust this computer for 30 days" mean? Where does it come from? I've never seen this before.
It's probably like what Facebook does, if you click "Trust this computer" Facebook will then drop a file to your folder that will, after you re-open the browser, tell Facebook it doesn't need some security permission (like 2-factor authentication).
Ah, sorry. Lastpass supports two-factor-authentication and "Trust this computer for 30 days" means that I don't need to input my 2FA key everytime I restart the browser.
Hello, Can anyone show me how to install firejail in Jessie (Debian Stable v. 8.4) ? Thanks for your help!