[arch-general] Announcing pacpak
pelzflorian (Florian Pelz)
pelzflorian at pelzflorian.de
Tue Jul 19 18:37:19 UTC 2016
On 07/19/2016 07:03 PM, Carsten Mattner via arch-general wrote:
> This is a nice and useful project, but I think we could be served
> better in the short term by having supported firejail profiles
> for things like Firefox and LibreOffice that are easy to use.
>
Firejail is a different design with less filesystem isolation. We should
have both, even in the long term. The more direct competitor to Firejail
is Bubblewrap, not Flatpak/pacpak.
That said, the documentation on Firejail on the wiki seems to contain
the most important things. I’m not knowledgable enough about Firejail
though. Network namespaces are missing in the wiki instructions. I don’t
know if Firejail can restrict D-Bus access. In the past I could launch
an unrestricted Nautilus from a Firejail’d Icecat, but apparently that
no longer works. I don’t know enough about the advantages/disadvantages
over Bubblewrap; apparently there is some disagreement about the scope,
e.g. whether how Pulseaudio should be dealt with.
Regards,
Florian Pelz
More information about the arch-general
mailing list