IgnorantGuru's Blog

Linux software, news, and tips

Sandfox Update

Sandfox 1.0.9 is available. This minor update includes the following changes:

  • a default profile has been added for Google-Earth (due to its closed source nature, it is valuable to sandbox it). Alternatively, you can run GE in the same sandbox you run Firefox in if you add a few binds to the Firefox profile, or load both profiles when you create the sandbox. Eg:
    sudo sandfox --profile firefox --profile google-earth
  • permissions on /mnt/sandfox are now explicitly set to accommodate users with unusual umasks
  • Sandfox can now use the XAUTHORITY variable to automatically determine the sandbox user (helps when running Sandfox in an su shell on Debian)
  • uuidgen is no longer used, thus removing uuidgen-runtime as a dependency in Debian (uuidgen was merely used to generate a random hex number, which is now done another way)

May 2, 2011 - Posted by | Scripts


  1. How about to make a “dry run” to see which files are accessed and then creating a profile based on it?

    Comment by Ikem | May 26, 2011

    • Not a bad idea. Also note that you can accomplish something similar by running inotifywait in another shell. For example, to see what files in user‘s home folder are being accessed:

          inotifywait -rm /home/user

      Comment by IgnorantGuru | May 27, 2011

Sorry, the comment form is closed at this time.