github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #99] Please add an Profile for Skype #58

New issue

Closed

opened 2026-05-05 04:55:10 -06:00 by gitea-mirror · 7 comments

gitea-mirror commented

2026-05-05 04:55:10 -06:00

Owner

Originally created by @Micha-Btz on GitHub (Oct 25, 2015).
Original GitHub issue: https://github.com/netblue30/firejail/issues/99

Hi There,

please add an Profile for Skype. I tried on my own, but i cant get it to work.

Micha

Originally created by @Micha-Btz on GitHub (Oct 25, 2015). Original GitHub issue: https://github.com/netblue30/firejail/issues/99 Hi There, please add an Profile for Skype. I tried on my own, but i cant get it to work. Micha

gitea-mirror

2026-05-05 04:55:10 -06:00

closed this issue
added the
enhancement
label

gitea-mirror commented

2026-05-05 04:55:20 -06:00

Author

Owner

@reinerh commented on GitHub (Oct 26, 2015):

This could be the same problem as #86, as skype is also only available as 32-bit package.

@reinerh commented on GitHub (Oct 26, 2015): This could be the same problem as #86, as skype is also only available as 32-bit package.

gitea-mirror commented

2026-05-05 04:55:23 -06:00

Author

Owner

@netblue30 commented on GitHub (Oct 26, 2015):

It has the same 32bit/64bit seccomp problem as wine and steam. Can you please try:

$ firejail --noprofile skype

This should disable seccomp for now.

@netblue30 commented on GitHub (Oct 26, 2015): It has the same 32bit/64bit seccomp problem as wine and steam. Can you please try: ``` $ firejail --noprofile skype ``` This should disable seccomp for now.

gitea-mirror commented

2026-05-05 04:55:27 -06:00

Author

Owner

@Micha-Btz commented on GitHub (Oct 26, 2015):

is working.
firejail --noprofile skype

But if it makes sence?

As far is i am understand, i can secure some dirs and files to denied the access to it.

@Micha-Btz commented on GitHub (Oct 26, 2015): is working. `firejail --noprofile skype` But if it makes sence? As far is i am understand, i can secure some dirs and files to denied the access to it.

gitea-mirror commented

2026-05-05 04:55:30 -06:00

Author

Owner

@netblue30 commented on GitHub (Oct 26, 2015):

This is great news! It means we are 90% done. This is how the sandbox works:

First, it configures a new home directory (blacklists, whitelists etc.) It is basically a chroot created on the fly.

Second, a seccomp filter will prevent the intruder to escape the chroot.

Third, just in case he managed to remove the chroot, a Linux capabilites (man 7 capabilities) filter is installed. This disables kernel module loading, filesystem mounts, changing networking system etc. Basically all sysadmin actions are disabled.

The only thing we are missing is the seccomp filter. It will come in the next few days. By the end of the week we should be all done. Until then, run it like this:

$ firejail --noprofile --caps.drop=all skype

I'll comment here on this thread when seccomp is in. Thanks.

@netblue30 commented on GitHub (Oct 26, 2015): This is great news! It means we are 90% done. This is how the sandbox works: First, it configures a new home directory (blacklists, whitelists etc.) It is basically a chroot created on the fly. Second, a seccomp filter will prevent the intruder to escape the chroot. Third, just in case he managed to remove the chroot, a Linux capabilites (man 7 capabilities) filter is installed. This disables kernel module loading, filesystem mounts, changing networking system etc. Basically all sysadmin actions are disabled. The only thing we are missing is the seccomp filter. It will come in the next few days. By the end of the week we should be all done. Until then, run it like this: ``` $ firejail --noprofile --caps.drop=all skype ``` I'll comment here on this thread when seccomp is in. Thanks.

gitea-mirror commented

2026-05-05 04:55:32 -06:00

Author

Owner

@netblue30 commented on GitHub (Oct 26, 2015):

Sorry, something else you can try. Build a skype profile in your home directory:

cd ~
mkdir -p .config/firejail
cd .config/firejail
cp /etc/firejail/generic.profile skype.profile

Then, open skype.profile file in a text editor and comment out seccomp line (add a # in front of the line). Somebody just submitted a patch with a similar profile for steam.

@netblue30 commented on GitHub (Oct 26, 2015): Sorry, something else you can try. Build a skype profile in your home directory: ``` cd ~ mkdir -p .config/firejail cd .config/firejail cp /etc/firejail/generic.profile skype.profile ``` Then, open skype.profile file in a text editor and comment out seccomp line (add a # in front of the line). Somebody just submitted a patch with a similar profile for steam.

gitea-mirror commented

2026-05-05 04:55:36 -06:00

Author

Owner

@Micha-Btz commented on GitHub (Oct 26, 2015):

works, so it protect my files. thats enough for me

@Micha-Btz commented on GitHub (Oct 26, 2015): works, so it protect my files. thats enough for me

gitea-mirror commented

2026-05-05 04:55:40 -06:00

Author

Owner

@netblue30 commented on GitHub (Oct 27, 2015):

Fixed, skype profile included.

@netblue30 commented on GitHub (Oct 27, 2015): Fixed, skype profile included.

gitea-mirror referenced this issue

2026-05-05 10:03:26 -06:00

[PR #148] [MERGED] Add '"' chars around every argument passed to bash #3547

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#58

No description provided.

Rows
Columns