[solved] "An existing sandbox was detected. /usr/bin/firefox will run without sandboxing features"

[Opening-Button-8988]

Arch Linux virtual machine (qemu), with linux_hardened kernel. Host is also Arch Linux. I have apparmor installed and enabled.

I am trying to run firefox using firejail, making sure that firefox is adequately sandboxed. But it's not working. The way I've tested that it doesn't work is by downloading a file through firefox (yes, after I ran it using firejail), closing firefox, and then checking that same file using a file manager such as nemo. The file persists, indicating to me that the sandbox did not work. The error is an indication that it's not working.

I have searched all instances of this warning I can find online and I haven't found a solution. Yes, I have seen this referenced as an issue on this very github but the solutions did not work for me. It is commonly attributed to not using the --force parameter, which I used, without success. It still shows the warning. It's also been said that you can't run a sandbox within a sandbox, which isn't the case with my situation (as far as I'm aware). Unless a virtual machine is considered a sandbox. I also made sure to run --list to check if any sandboxes were active, and none were listed. I rebooted a few times, reinstalled a few times, reinstalled and re-enabled apparmor. I have apparmor-utils and apparmor-profiles installed. aa-status and aa-enabled show that apparmor is working. I ran aa-enforce /etc/apparmor.d/*. I ran firejail with the --read-only= parameter (using /, ~ and ~/Downloads/). I used the --force parameter.

I followed this guide and the associated video: https://null-byte.wonderhowto.com/how-to/locking-down-linux-using-ubuntu-as-your-primary-os-part-3-application-hardening-sandboxing-0185710/. I indeed ran firejail --seccomp --nonewprivs --private --private-tmp firefox. I still get the warning and it still doesn't sandbox it properly. I added the --force parameter without success.

Is the problem that I'm using a virtual machine, or maybe linux_hardened kernel? Or maybe apparmor is not installed properly (I'm fairly certain it is)? I installed and configured firejail according to instructions from various sources such as the arch wiki, nullbyte link above, and a few youtube tutorials. Am I doing something wrong?

Lastly, I am on the fence regarding firejail and bubblewrap. Keep in mind I'm still doing my research but I've heard that bubblewrap is more secure, and that firejail is not as reliable because of how easy it is to run without adequately sandboxing it. I know they both have their pros and cons but I'd like a little nudge in the right direction.

[rusty-snake]

--force

Was removed decades ago (as far as i remember the date 😉).

firejail --seccomp --nonewprivs --private --private-tmp firefox

If you run sudo firecfg after the installation, this command will start a sandbox in a sandbox. Try firejail --private /usr/bin/firefox (all other arguments are already in firefox.profile).

[Opening-Button-8988]

I did not get the error after I ran firejail --private /usr/bin/firefox but the downloaded file persists.

EDIT: I did actually get the error, my bad.

Not sure what is going wrong here.

EDIT: Okay, the second time running it, it works. No more persistent files. Thank you!

[rusty-snake]

Keep in mind I'm still doing my research but I've heard that bubblewrap is more secure, and that firejail is not as reliable because of how easy it is to run without adequately sandboxing it.

There are two things, the security of sandboxed programs (i.e. how tight is the sandbox) and the possibility an unsandboxed program can exploit a vulnerability in bubblewrap/firejail.

For the later case (an unsandboxed program exploits a vulnerability in bubblewrap/firejail), bubblewrap wins because of smaller attack surface. If you installed bubblwrap w/o suid bit, the attack surface (for priv-escalation) is practically zero.

For security of the sandbox, firejail wins in my eyes because it's much easier. For bubblewrap you need to know a lot details of a linux system, write your own profiles because there aren't >1000 community maintained profiles (to start with), you need to find a way to handle network stuff (firejail has optional net eth0), you need to setup D-Bus filtering yourself, you need to write and compile seccomp filters yourself, you need to write integration yourself, you need to setup AppArmor/SELinux integration yourself if you want. The most users do not have the knowledge and time to do this and will end up with a much weaker sandbox or a very hacky and brocken sandbox.

Both firejail and bubblewrap allow to start programs unsandboxed.

[Opening-Button-8988]

Is there any benefit to running an app through firejail or bubblewrap without sandboxing it?

[rusty-snake]

It will always have some kind of sandbox. It is then just a curb instead of a 3m reinforced concrete wall.

You can use sandboxing features for side-effects like running multiple instances, working around bugs, ...

[Opening-Button-8988]

Thank you, you've been very helpful.

[Opening-Button-8988]

@rusty-snake Sorry to bother you, but I have a question that is unrelated to the issue posted, but I don't think it warrants creating a new topic. Where do downloaded files go in the sandbox / where is the sandbox actually located on my filesystem? In other words, if I want to transfer a file to/from the sandbox, where would I look? I know it may defeat the purpose of the sandbox, but I'm sure there would be some situation where I would want to do this.

[rusty-snake]

Downloaded files are there where firefox is configured to download them, usually ~/Downloads.

Firejail has a file transfer feature, see man firejail. In addition you can write GUI wrappers around it like #4746 (reply in thread).

In other words, if I want to transfer a file to/from the sandbox, where would I look?

Depends a bit but you can use all shared directories in $HOME.