> <@cyredanthem:synapse.travnewmatic.com> "Firejail has far too large attack surface and is suid root, which has resulted in plenty of privilege escalation vulnerabilities. > > https://seclists.org/oss-sec/2017/q1/25 > > https://www.cvedetails.com/vulnerability-list.php?vendor_id=16191&product_id=0&version_id=0&page=1 > > Also see this thread in which I have more arguments and the firejail devs themselves acknowledge it adds substantial attack surface https://github.com/netblue30/firejail/issues/3046" I think madaidan wrote this I did