Firejail profile for Tor Browser

Hello. How to use the firejail profile for Tor Browser with Tor Browser installed on Whonix?
Firejail profile for Tor Browser here /etc/firejail/torbrowser-launcher.profile
When I run “firejail torbrowser” Tor Browser runs with /etc/firejail/default.profile But default.profile not the best solution. There is full access to the home folder.
I think this is because Whonix Tor Browser installed here ~/.tb/
Paths for Tor Browser in torbrowser-launcher.profile here ~/.config/torbrowser and ~/.local/share/torbrowser
I tried to change paths and did other combinations, but it not work.

You can use

firejail --profile=/etc/firejail/start-tor-browser.profile torbrowser

If that command fails for whatever reason, follow the instructions here and and the above command (without the torbrowser part).

1 Like

Instructions works.
I read a lot of different reviews about the Firejail.
If I understand correctly when using the Firejail + Tor Browser it is harder to crack (use exploits for example) but it is easier to get root if hacked.
If only the Tor Browser is hacked, the hacker will not get the root?

Firejail sandboxes applications to make malware harder to break out of them and increase security.

Firejail does add a lot of attack surface so it may make it easier for malware to get root access but currently, there are not many (if any at all) known vulnerabilities like that.

1 Like