2 comments

[ 3.6 ms ] story [ 19.7 ms ] thread
I presume “jail” In this context derived from FreeBSD jails. The Free/Open/NetBSD systems are generally easier to harden against attacks than Linux distros (in part because the are full operating systems and not “kernel distros”). I wonder if security consciousness could be the impetus needed to get users looking at *BSD for desktop use in high security environments.
Honestly, I don't think that will happen. Both firejail and bwrap are not exactly secure (if you have suid bwrap installed, you get local root exploit every year) and the "jails" especially as utilized with bwrap using flatpaks are nothing like FreeBSD jails and firejail uses traditionally whitelists, not blacklists (which I think is better suited for desktop) but that just shows that most users do not want full jails for desktop, which makes sense afterall.