Web lists-archives.com

Bug#860067: ITP: minijail -- Utility to run a program inside a sandbox




Package: wnpp
Severity: wishlist
Owner: Andrew Pollock <apollock@xxxxxxxxxx>

* Package name    : minijail
  Version         : 1
  Upstream Author : Jorge Lucángeli Obes <jorgelo@xxxxxxxxxxxx>
* URL             : https://www.chromium.org/chromium-os/developer-guide/chromium-os-sandboxing
* License         : BSD
  Programming Lang: C, C++
  Description     : Utility to run a program inside a sandbox

minijail provides a consistent method to sandbox of services and applications,
using a mix of capability restrictions, user ID compartmentalisation, namespace
isolation and seccomp.

It is the sandboxing tool of choice for Chromium OS and Android.

 - why is this package useful/relevant? 
   It's a useful security enhancement that could potentially be used by 
   other packages. There's potential functionality overlap with firejail
 - how do you plan to maintain it? 
   I'm open to maintaining this under collab-maint