Hi! Whonix dev here. You may heard of our distro a Tor centric anonymity OS for VMs (whonix.org). I’m excited to see other projects working in the same direction and am looking at potential areas of collaboration.
I’ve been looking at sandboxing solutions like Firejail for a long time now but we haven’t adopted it yet because of potential difficulties in automating it by default and making it easily usable for novices.
Its great to see the progress you guys have made and the number of profiles you’ve created. Also the fact you are contributing back to upstream. Some questions:
*Do you enable firejail to automatically sandbox applications? If so how?
*How do you handle symlink preservation across package updates?
*How easy is it to transfer files a user wants to keep out of the container?
*Is there a problem with having a profile for an application that is yet to be installed?