Hi,
as far as the sandbox
firejail is concerned Iīve encountered a phenomenon which isnīt completely clear to me.
My understanding has always been that whenever I start a programm/process in firejail that process is sandboxed.
Fine, thatīs clear.
I was also of the opinion that whenever that sandboxed process triggers another process that one is by default sandboxed, too.
This is the case e.g. when doing this:
"firejail thunderbird" and then clicking on a link within a mail. So (in my case)
firefox, which
is my default browser, opens up and displays the website the link is referring to. Plus:
firefox is sandboxed, too. I think this is
what it should be like.
But:
whenever I start
calibre with
"firejail calibre", that one is sandboxed. O.K. Thatīs fine too.
Now for the tricky part: When trying to open a pdf-file within the sandoxed calibre my default pdf-reader (
evince) fires up but isnīt sandboxed.
"firejail --tree" doesnīt list it, nor does
firetools.
I also can shutdown calibre and evince (displaying) the pdf-file remains open.
Can anyone tell me anything about that phenomenon?
Tnx a lot in advance.
Rosika
Info:
my system: Ubuntu 16.04.5 LTS, 64 bit
firejail version: 0.9.52-1