Nice.
Wiki fixed.
Re: the many, many options, run:
man firejail
or refer to the Firejail website:
https://firejail.wordpress.com/features-3/man-firejail/
I’ve tried a bunch of security-related options before, but seccomp seemed to be the only one that worked properly, at least in Whonix (from wiki) i.e.
Preliminary tests of other security features reveals they are not yet functional in Whonix, for instance --apparmor, --private, and --overlay-tmpfs. If the user does not specify a path to a specific profile when running Firejail, it will search for any relevant profile automatically. If a profile is not found, a default profile will be used.
See also: https://forums.whonix.org/t/firejail-seccomp-more-options-for-program-containment