github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #303] Suggestion: possible to have some indication on program window that it's sandboxed? #211

New issue
Closed
opened 2026-05-05 05:19:58 -06:00 by gitea-mirror · 8 comments
gitea-mirror commented 2026-05-05 05:19:58 -06:00
Owner
Copy link

Originally created by @RonCam on GitHub (Feb 19, 2016).
Original GitHub issue: https://github.com/netblue30/firejail/issues/303

I installed firejail/firetools for first time, and opened a sandboxed instance of Firefox through the Firetools icon. Very nice!!

I note -- unless I'm missing something -- a sandboxed program looks identical to one running without protection. Is there any thought of having some sort of visual indication -- of any type -- that would reassure the user, that he or she really was, in fact, running a sandboxed instance?

Sandboxie early on did 'something' -- forget exactly what, maybe 'brackets' -- to the window's title, then later put a colored outline around the window's border. This was configurable in Preferences.

I suppose with GNU/Linux it may be difficult given the variety of desktop environments. But, do you think it's possible to give the user a visual alert, in some other way?

Originally created by @RonCam on GitHub (Feb 19, 2016). Original GitHub issue: https://github.com/netblue30/firejail/issues/303 I installed firejail/firetools for first time, and opened a sandboxed instance of Firefox through the Firetools icon. Very nice!! I note -- unless I'm missing something -- a sandboxed program looks identical to one running without protection. Is there any thought of having some sort of visual indication -- of any type -- that would reassure the user, that he or she really was, in fact, running a sandboxed instance? Sandboxie early on did 'something' -- forget exactly what, maybe 'brackets' -- to the window's title, then later put a colored outline around the window's border. This was configurable in Preferences. I suppose with GNU/Linux it may be difficult given the variety of desktop environments. But, do you think it's possible to give the user a visual alert, in some other way?
gitea-mirror 2026-05-05 05:19:58 -06:00
gitea-mirror commented 2026-05-05 05:20:04 -06:00
Author
Owner
Copy link

@genodeftest commented on GitHub (Feb 19, 2016):

For Gtk+ applications:
For Gtk+ 2.x and 3.x applications you could do this on the client side but you would need to load a module into each firejailed application (See documentation on GTK3_MODULES).
I don't know about how this could work in Qt.

On the other hand you could implement this for your window manager, which probably doesn't work on Gtk+ 3.x applications since some of them can only use client side window decorations (see docs for gtk_window_set_decorated()). So with your window manager involved you could just display some symbol beside/above the window, which will probably break the application in some cases. Maybe you know the Exclamation mark symbol Java applets on Windows have (had?) when running a separate window: [http://www.java-gaming.org/index.php?topic=19525.0]. This was done to warn users about possibly malicious applications.
Implementing this in Gnome-Shell should be quite easy. But you would need another implementation for many other window managers…

Qubes OS, a highly secure/paranoid Linux based OS has some kind of support for that, I haven't looked into how they realized it, but probably through their window manager: Screenshots

<!-- gh-comment-id:186145764 --> @genodeftest commented on GitHub (Feb 19, 2016): For Gtk+ applications: For Gtk+ 2.x and 3.x applications you could do this on the client side but you would need to load a module into each firejailed application (See documentation on [`GTK3_MODULES`](https://developer.gnome.org/gtk3/stable/gtk-running.html)). I don't know about how this could work in Qt. On the other hand you could implement this for your window manager, which probably doesn't work on Gtk+ 3.x applications since some of them can only use client side window decorations (see [docs for `gtk_window_set_decorated()`](https://developer.gnome.org/gtk3/stable/GtkWindow.html#gtk-window-set-decorated)). So with your window manager involved you could just display some symbol beside/above the window, which will probably break the application in some cases. Maybe you know the Exclamation mark symbol Java applets on Windows have (had?) when running a separate window: [http://www.java-gaming.org/index.php?topic=19525.0]. This was done to warn users about possibly malicious applications. Implementing this in Gnome-Shell should be quite easy. But you would need another implementation for many other window managers… [Qubes OS](https://www.qubes-os.org/), a highly secure/paranoid Linux based OS has some kind of support for that, I haven't looked into how they realized it, but probably through their window manager: [Screenshots](https://www.qubes-os.org/screenshots/)
gitea-mirror commented 2026-05-05 05:20:06 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Feb 19, 2016):

For programs running in a terminal is already implemented in the window title. For GUI programs it has to come from the window manager or from the application itself.

<!-- gh-comment-id:186218821 --> @netblue30 commented on GitHub (Feb 19, 2016): For programs running in a terminal is already implemented in the window title. For GUI programs it has to come from the window manager or from the application itself.
gitea-mirror commented 2026-05-05 05:20:09 -06:00
Author
Owner
Copy link

@RonCam commented on GitHub (Feb 19, 2016):

@netblue30 : Thanks, first of all for Firejail, and second, thanks for the comment. On my installation, Firetools brings up xterm. Nothing different in the window title, but I do see square-brackets in the command prompt. This is similar to an early indicator used by Sandboxie.
@genodeftest : I was thinking the same as you, about an interaction with the window manager -- probably the way you said it is more accurate than my reference to working on different desktop environments. Yes, Gnome is very popular.

I happen to be running KDE. Do you think implementing this in KDE would also be quite easy? Something the end user could do, on his own system? I would be interested to learn more ...

Reason for my asking: The KDE start menu (Kickoff Application Launcher) has one section where 'Favorites' (frequently-used programs) are listed, and another section where the applications are listed by category. Right-click on the menu opens 'Edit Applications' and here I am opening any program that touches the Internet and prefixing 'Firejail' to its command. You can't separately edit the 'Favorites' section, however.

So, I started Firefox from Favorites, but then when I looked at its window, I realized I had no way of knowing, was this instance sandboxed -- or not??

<!-- gh-comment-id:186243511 --> @RonCam commented on GitHub (Feb 19, 2016): @netblue30 : Thanks, first of all for _Firejail_, and second, thanks for the comment. On my installation, _Firetools_ brings up _xterm_. Nothing different in the window title, but I do see square-brackets in the command prompt. This is similar to an early indicator used by Sandboxie. @genodeftest : I was thinking the same as you, about an interaction with the window manager -- probably the way you said it is more accurate than my reference to working on different desktop environments. Yes, Gnome is very popular. I happen to be running KDE. Do you think implementing this in KDE would also be quite easy? Something the end user could do, on his own system? I would be interested to learn more ... Reason for my asking: The KDE start menu (Kickoff Application Launcher) has one section where 'Favorites' (frequently-used programs) are listed, and another section where the applications are listed by category. Right-click on the menu opens 'Edit Applications' and here I am opening any program that touches the Internet and prefixing 'Firejail' to its command. You can't separately edit the 'Favorites' section, however. So, I started Firefox from Favorites, but then when I looked at its window, I realized I had no way of knowing, was this instance sandboxed -- or not??
gitea-mirror commented 2026-05-05 05:20:11 -06:00
Author
Owner
Copy link

@genodeftest commented on GitHub (Feb 19, 2016):

@RonCam QubesOS is using KDE and Xfce (alternatively) so yes, this is possible with KDE. Although I don't know how and I don't now how portable it is. You can find this patch for KDE here: https://github.com/QubesOS/qubes-desktop-linux-kde/tree/master/plastik-for-qubes

<!-- gh-comment-id:186251726 --> @genodeftest commented on GitHub (Feb 19, 2016): @RonCam QubesOS is using KDE and Xfce (alternatively) so yes, this is possible with KDE. Although I don't know how and I don't now how portable it is. You can find this patch for KDE here: https://github.com/QubesOS/qubes-desktop-linux-kde/tree/master/plastik-for-qubes
gitea-mirror commented 2026-05-05 05:20:14 -06:00
Author
Owner
Copy link

@RonCam commented on GitHub (Feb 19, 2016):

@genodeftest : QubesOS is also using Fedora (rpm) and I have LinuxMint (deb). However, the KDE is a match. I believe it's possible to convert packages from from rpm to deb? So then, the patch could be applied.
Is QubesOS using Firejail? Or do we think this patch would only work, with whatever QubesOS is using? If they're both using Firejail, or something compatible, then it could work. Have you any advice on this point?

<!-- gh-comment-id:186271649 --> @RonCam commented on GitHub (Feb 19, 2016): @genodeftest : QubesOS is also using Fedora (rpm) and I have LinuxMint (deb). However, the KDE _is_ a match. I believe it's possible to convert packages from from rpm to deb? So then, the patch could be applied. Is QubesOS using Firejail? Or do we think this patch would only work, with whatever QubesOS is using? If they're both using Firejail, or something compatible, then it could work. Have you any advice on this point?
gitea-mirror commented 2026-05-05 05:20:18 -06:00
Author
Owner
Copy link

@RonCam commented on GitHub (Feb 19, 2016):

Ah ... I'm reading the QubesOS documentation more carefully, and the different window border colors are triggered by changing to a different Virtual Machine -- apparently nothing to do with different namespaces. If I'm correct in my understanding of Firejail, then the principles the qubesOS patch uses to color the window borders may be helpful, but not the patch itself ... any comments will be welcome.

<!-- gh-comment-id:186294663 --> @RonCam commented on GitHub (Feb 19, 2016): Ah ... I'm reading the _QubesOS_ documentation more carefully, and the different window border colors are triggered by changing to a different Virtual Machine -- apparently nothing to do with different _namespaces_. If I'm correct in my understanding of _Firejail_, then the _principles_ the _qubesOS_ patch uses to color the window borders may be helpful, but not the patch itself ... any comments will be welcome.
gitea-mirror commented 2026-05-05 05:20:20 -06:00
Author
Owner
Copy link

@genodeftest commented on GitHub (Feb 19, 2016):

QubesOS is not using firejail, but I wanted to show that this can be done and already is done. The code just uses different criteria (QubesOS: which virtual machine is this app running in?) than you'd like to have for firejail (Is this application sandboxed?). Of course this code has to be modified

<!-- gh-comment-id:186368499 --> @genodeftest commented on GitHub (Feb 19, 2016): QubesOS is not using firejail, but I wanted to show that this can be done and already is done. The code just uses different criteria (QubesOS: which virtual machine is this app running in?) than you'd like to have for firejail (Is this application sandboxed?). Of course this code has to be modified
gitea-mirror commented 2026-05-05 05:20:21 -06:00
Author
Owner
Copy link

@RonCam commented on GitHub (Feb 20, 2016):

As I am becoming more accustomed to using Firejail with Firetools, I now see a user who wanted to be sure any given program is really sandboxed could open the Firetools context menu, select Tools, open 'Sandbox List' and see if the program's name appears in the 'Command' column.

So that could be a work-around, although it would be nice to verify a program's status immediately, just by looking at the window in which it's running.

With that, for now, the problem is resolved with a work-around.

<!-- gh-comment-id:186470990 --> @RonCam commented on GitHub (Feb 20, 2016): As I am becoming more accustomed to using _Firejail_ with _Firetools_, I now see a user who wanted to be sure any given program is _really_ sandboxed could open the _Firetools_ context menu, select Tools, open 'Sandbox List' and see if the program's name appears in the 'Command' column. So that could be a work-around, although it would be nice to verify a program's status immediately, just by looking at the window in which it's running. With that, for now, the problem is resolved with a work-around.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#211
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?