zazarpro

joined 5 months ago
[–] zazarpro@lemmy.ml 1 points 15 hours ago (1 children)

Just so you know Firejail is a setuid root binary with a lot of code. This means that if that code gets exploited and the sandboxed process escapes the sandbox it will have root privileges instead of the running users.

Sources: https://github.com/netblue30/firejail, https://madaidans-insecurities.github.io/linux.html#firejail