Just so you know Firejail is a setuid root binary with a lot of code. This means that if that code gets exploited and the sandboxed process escapes the sandbox it will have root privileges instead of the running users.
Sources: https://github.com/netblue30/firejail, https://madaidans-insecurities.github.io/linux.html#firejail
Just so you know Firejail is a setuid root binary with a lot of code. This means that if that code gets exploited and the sandboxed process escapes the sandbox it will have root privileges instead of the running users.
Sources: https://github.com/netblue30/firejail, https://madaidans-insecurities.github.io/linux.html#firejail