Does running Firefox inside firejail provide the same level of isolation in comparison to a Virtual Machine? #4636
-
|
I am running Firefox & all the other installed apps inside firejail. I mean each time I install a new app I run So Firefox inside Virtualbox Vs Firefox running inside a full blown distro inside Virtualbox which provides better isolation ? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
A VM has much more isolation then a sandbox like firejail or containers like docker. Running firefox inside firejail will use the same basesystem, kernel, network namespace, hardware, ... while a VM will have it's on basesystem, kernel, network namespace and virtual hardware. TL;DR: VMs have much more isolation and security at the cost of a much higher resource consumption and lower convenience. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for your unbiased answer. Fact is that's bad news for me. I have only 4GB of Ram & I am really short in cash right now so can't buy new Ram. I installed Lubuntu inside Virtualbox & then tried browsing the web using the VM but within like half an hour the host (Mint) started using swap & my desktop hanged. The only way out of that was using REISUB. |
Beta Was this translation helpful? Give feedback.
-
|
I did not tried this yet, but maybe it works for you: https://katacontainers.io/. |
Beta Was this translation helpful? Give feedback.
A VM has much more isolation then a sandbox like firejail or containers like docker.
Running firefox inside firejail will use the same basesystem, kernel, network namespace, hardware, ... while a VM will have it's on basesystem, kernel, network namespace and virtual hardware.
TL;DR: VMs have much more isolation and security at the cost of a much higher resource consumption and lower convenience.