Check Parrot OS sandboxing code

Parrot OS is a free distro based on Debian testing, focusing on pentest and privacy merged into one place with sandboxing security.

it would be great to review the code and check how they are sandboxing everything after installation. so we can implement that if possible (and for sure preferable) in our distro as well.

main website:

https://www.parrotsec.org/

GitLab link:

https://dev.parrotsec.org/explore/projects/starred

Development Teams:

https://docs.parrotsec.org/developers

1 Like

I remember we gave Firejail a lot of thought a couple of years ago but it was far from an easy automatic experience and had some hurdles such as ensuring an updated package is still forced to run sandboxed. We came to the conclusion it was best to wait for something like Flatpak that is destined yo be baked into all standard DEs and just use that when its ready.

Now this could have improved in upstream or ParrotOS may have contributed usability changes to successfully smoothen the rough edges. Have you tried it? Does it work seamlessly?

https://forums.whonix.org/t/looking-for-firejail-seccomp-maintainer-for-better-security/2211/5?u=patrick

parrot firejail profiles are for Debian testing.
Whonix is on Debian stable. Why? See:

Dev/Operating System - Whonix

Their profiles might work great for us or might not work great for us. Needs actual testing.

Thanks for your pointer @nurmagoz. Good find.

2 Likes