Week 11d: Firejail Sandboxing & Defense Framework
Goal Master Firejail for application sandboxing and understand when to use each hardening tool. Complete hands-on labs and establish a continuous hardening practice. Prerequisites: Week 11c (Kernel Hardening & AppArmor) This is Part 4 of 4 - Covers Firejail sandboxing and the decision framework. 1. Firejail for Application Sandboxing What is Firejail? Firejail creates isolated sandboxes for applications using Linux namespaces: Filesystem isolation - Restrict access to specific directories Network isolation - Block or restrict network access Process isolation - Limit system calls (seccomp) Resource limits - Restrict CPU, memory usage Why use Firejail: ...