firejail: child-process not sandboxed?

		LinuxQuestions.org > Forums > Linux Forums > Linux - Software
firejail: child-process not sandboxed?

Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

07-27-2018, 04:35 AM	#1
Rosika Member Registered: Apr 2017 Distribution: Lubuntu 64 bit Posts: 280 Rep:	firejail: child-process not sandboxed? Hi, as far as the sandbox firejail is concerned I´ve encountered a phenomenon which isn´t completely clear to me. My understanding has always been that whenever I start a programm/process in firejail that process is sandboxed. Fine, that´s clear. I was also of the opinion that whenever that sandboxed process triggers another process that one is by default sandboxed, too. This is the case e.g. when doing this: "firejail thunderbird" and then clicking on a link within a mail. So (in my case) firefox, which is my default browser, opens up and displays the website the link is referring to. Plus: firefox is sandboxed, too. I think this is what it should be like. But: whenever I start calibre with "firejail calibre", that one is sandboxed. O.K. That´s fine too. Now for the tricky part: When trying to open a pdf-file within the sandoxed calibre my default pdf-reader (evince) fires up but isn´t sandboxed. "firejail --tree" doesn´t list it, nor does firetools. I also can shutdown calibre and evince (displaying) the pdf-file remains open. Can anyone tell me anything about that phenomenon? Tnx a lot in advance. Rosika Info: my system: Ubuntu 16.04.5 LTS, 64 bit firejail version: 0.9.52-1

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Difference between Child THREAD and Child PROCESS	whho	Linux - Newbie	12	02-16-2015 12:22 AM
Sending Signal from Child Process to Parent Process : Not getting desired output	thelink123	Linux - General	4	10-26-2012 09:05 PM
Under which circumstances a child process creates another child process using fork?	mitsulas	Programming	3	12-08-2009 08:16 AM
How to kill a Child and all its subsequent child process in C	shayer009	Programming	3	12-04-2007 12:40 AM
Killing a child process from another child	marri	Programming	6	10-01-2004 07:08 PM

All times are GMT -5. The time now is 12:53 PM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions