Introducing
The Slant team built an AI & it’s awesome
Find the best product instantly
Add to Chrome
Add to Edge
Add to Firefox
Add to Opera
Add to Brave
Add to Safari
Try it now
4.7 star rating
0
Linux
Security & Privacy
What are the best FLOSS Sandboxing Apps for Security/Privacy and Daily Usage, Linux?
7
Options
Considered
81
User
Recs.
Jun 11, 2023
Last
Updated
Related Questions
Activity
Have feedback or ideas?
Join our community
on Discord
Ad
5
Options
Considered
Best FLOSS Sandboxing Apps for Security/Privacy and Daily Usage, Linux
Price
Based On
Default Desktop Environment
--
Qubes OS
-
Fedora
Anything is possible
--
FireJail
0
-
-
--
Virtual Box
Free
-
-
--
Flatpak
-
-
-
--
SnapCraft
FREE
-
-
See Full List
--
Qubes OS
My Rec
ommendation
for
Qubes OS
My Recommendation for
Qubes OS
All
8
Pros
4
Cons
3
Specs
Top
Con
•••
Limited DE options
Their supported DEs, which currently include XFCE, KDE, i3WM, and Awesome WM, are limited and seem fiddly.
See More
Top
Pro
•••
Whonix out of box
See More
Specs
Based On:
Fedora
Default Desktop Environment:
Anything is possible
Top
Con
•••
Full OS; Not an App Sandbox system for Linux in general
Qubes is a full OS; its package manager/AppVM system is intrinsically part of it and is not a portable linux app sandbox system.
See More
Top
Pro
•••
Allows using differents OS seamlessly using virtualization
See More
Top
Con
•••
Many issues
Must change OS and not fully FLOSS as it uses Fedora. Plus it only supports XFCE and KDE Desktop Environments. Very slow.
See More
Top
Pro
•••
Allows you to easily compartmentalize different applications using virtualization
More info here.
See More
Top
Pro
•••
Very secure with Whonix support
See More
Hide
See All
Get it
here
Recommend
9
1
--
FireJail
My Rec
ommendation
for
FireJail
My Recommendation for
FireJail
All
5
Pros
3
Cons
2
Top
Con
•••
Hard to use
Not very easy to set up, may require terminal usage.
See More
Top
Pro
•••
Advanced sandboxing
See More
Top
Con
•••
Primarily command-line driven
See More
Top
Pro
•••
No problem running graphical programs
Games and video-accelerated programs have no problems running in the jail.
See More
Top
Pro
•••
Very flexible with little overhead
See More
Hide
See All
0
Recommend
9
2
--
Virtual Box
My Rec
ommendation
for
Virtual Box
My Recommendation for
Virtual Box
All
12
Experiences
1
Pros
7
Cons
4
Top
Con
•••
OS virtualization, not app sandboxing.
This will provide you with a sandboxed VM, but that VM is an entire OS, not simply an app with limited access. This means no sharing of libraries, no minimal dependency packaging, and your configuration per host is entirely your problem. It can be used to provide single app sandboxing, but this is not VBox's purpose.
See More
Top
Pro
•••
Works well and fast for Windows host and Linux guest
See More
CompassionateErlangShen's Experience
incorrectly classified
See More
Top
Con
•••
Lacks video performance
Virtualbox has a hard cap of 256MB of video memory. This could make newer operating systems run slower.
See More
Top
Pro
•••
Can do snapshots
See More
Top
Con
•••
Minimal CPU customization
You can only enable/disable certain features. You cannot cap the speed of the CPU, which is required to run systems such as Windows 95.
See More
Top
Pro
•••
Many free images available
Though most are linux flavors at https://virtualboxes.org/ Oracle's virtualbox site has others.
See More
Top
Con
•••
Slow and low graphics
Very slow and may take a toll on graphics. If you need to run many VMs, try QubesOS.
See More
Top
Pro
•••
Free and open source
See More
Top
Pro
•••
Beginner friendly
A virtual machine can be set up in minutes if a ISO file to load is already available.
See More
Top
Pro
•••
A lot of customization
VirtualBox has multiple virtualization options. Each one may be tailored to the guest operating system’s needs. This makes it especially good on virtualizing older systems, such as DOS, obscure distros, etc.
See More
Top
Pro
•••
Very secure
See More
Hide
See All
Free
Recommend
4
4
--
Flatpak
My Rec
ommendation
for
Flatpak
My Recommendation for
Flatpak
All
17
Experiences
4
Pros
8
Cons
4
Specs
Top
Pro
•••
Cross-distribution
You can install flatpak packages on any distro you want.
See More
Top
Con
•••
Bloated
Due to the way Flatpack handles packaging, this can lead to a large cache being created which quickly inflates to unreasonable sizes. Not only this, but using flatpack requires a large chunk of space to be reserved for it's own file hierarchy.
See More
Anon's Experience
Supported my most distros out of the box, and painless on Arch.
See More
Specs
Default Repository:
FlatHub.org
Initial Maintainer:
Alex Larsson
Top
Pro
•••
Application sandboxing
All applications are limited to a set of predefined permissions, enhancing privacy and security.
See More
Top
Con
•••
Flatpak's sandbox is flimsy
While there are attempts to try and keep Flatpak applications secure, most applications have filesystem=host, filesystem=home or device=all permissions, which allows the application to write to the disk anyway, meaning that one malicious update to an application can lead to a major security issue.
See More
Lewis Crichton's Experience
I've used Flatpak in the past, it's not a great tool. You can break out of the sandbox very easily because of the permissions that most applications ask for.
See More
Top
Pro
•••
Flexible runtime management
You can install a lot of runtimes for different apps, making applications a lot more compatible while still allowing some applications to share their runtimes.
See More
Top
Con
•••
Not as efficant as the distros regular repository apps
See More
nicwow's Experience
Designed and Developed for Security
See More
Top
Pro
•••
Installation is painless, even on arch.
See More
Top
Con
•••
Only for Flatpak-based applications
This software only works with Applications that support it. They have a repository you can look at here: https://flathub.org/
See More
Capuccino 's Experience
While Flatpak is a nice sandbox approach, I don't see Flatpak really taking off compared to Snaps. Flatpak packages are bloated compared to Snap counterparts, Sandbox is easily breakable (too weak sandboxing), and its very flimsy in support compared to other distro-agnostic packages.
See More
Top
Pro
•••
You can self host flatpak repositories
See More
Top
Pro
•••
Well supported across the majority of distros
See More
Top
Pro
•••
Ability to install apps as non-root user
You can install an app as a non-root user with calling "flatpak install --user ...". So no need for root rights, and better security.
See More
Top
Pro
•••
Wide variety of apps supported with easy graphical discovery & install
Flathub's repository has (at time of writing) 1082 apps available, including almost every popular linux GUI software I've ever searched for. It integrates into most linux DEs very well, and is fully supported by gnome-software, plasma-discover & others, allowing easy graphical package management in any DE.
See More
Hide
See All
Get it
here
Recommend
13
6
--
SnapCraft
My Rec
ommendation
for
SnapCraft
My Recommendation for
SnapCraft
All
20
Experiences
4
Pros
4
Cons
11
Specs
Top
Pro
•••
Built in sandboxing
Snapcraft is designed with isolation and security in mind. All system and library definitions are defined from the core snap package instead of the host's, adding a security layer. Snaps are also designed not to arbitrarily access the host FS unless the snap is a classic snap.
See More
Top
Con
•••
Hard to use external "stores"
SnapCraft allows you to set up a "store" (repository) but it's very difficult to add.
See More
Lewis Crichton's Experience
SnapCraft. I don't use it enough to write a full review but I've used enough to give my pros and cons.
See More
Specs
Default Repository:
SnapCraft.io
Initial Maintainer:
Canonical
Top
Pro
•••
Auto-updates periodically
Snaps are designed to auto-update. You can trigger the update, however, with snap refresh.
See More
Top
Con
•••
Might have a mismatch with your GTK/KDE theming
As Snaps don't have access to your system preferences, they will use the default settings or whatever was on the core snap package. This can be rectified by installing the gtk-themes-common package.
See More
Capuccino 's Experience
Snaps is a well-authored, well-engineered isolation-capable distro-agnostic packaging. You do pay desktop incosistency with security, but you get a whole lot of stuff in your plate with SnapCraft. All it needs is custom repositories and a easier way to add those.
See More
Top
Pro
•••
SnapCraft is maintained regularly
the default marketplace - SnapCraft.io, is maintained regularly with fresh new software. You can find many development tools and software from SnapCrafters or from the publishers of the software themselves.
See More
Top
Con
•••
Proprietary feature
Snap is not completely open source as a lot of people may think, the server-side is completely proprietary also is the audit part.
See More
Ajay Kumar Rawani's Experience
Awesome !
See More
Top
Pro
•••
Integration with Store applications
GNOME Software and Ubuntu Software has a tight integration to Snaps, just like Flatpak, making installing the apps easier.
See More
Top
Con
•••
Security issue
Snapcraft cares more about the developer/publisher than the code and it can lead to malware and other security issues.
See More
nicwow's Experience
SnapCraft Applications Cannot be Installed Except from the SnapCraft repository. At least that I am aware of.
See More
Top
Con
•••
You need to have root access to install apps
As a non-root user you cannot install apps to have a try.
See More
Top
Con
•••
Some distributions has outdated version of snapd
Distributions like Fedora might have a outdated version of snapd. However, this is not a case to be worried as some distributions will update when notified of a new release.
See More
Top
Con
•••
Slow startup for first-time init
It may take time for the snaps to load when launched first-time, succeeding inits will be faster.
See More
Top
Con
•••
Requires a one-time installation of the core snap package
The Core snap package is the heart of Snaps. This is always a required installation for first time Snap installs as it is a price you pay for using Snaps and its security advantages. However, this snap package is very small (around 65MB) so it should not worry you.
See More
Top
Con
•••
Snap makes boot slow
Snap slows down boot process by adding more time to it to complete due to a lot of daemons and services created.
See More
Top
Con
•••
Built-in telemetry
Snaps have built-telemetry, this is how they know how many and what distros are using snap.
See More
Top
Con
•••
Bad if using limited/slow internet
Snaps need to download MB to GB of stuff.
See More
Hide
See All
FREE
Recommend
12
13
Don't see your favorite option? Add it.
--
Docker
My Rec
ommendation
for
Docker
My Recommendation for
Docker
Get it
here
Recommend
3
1
--
FireFall
My Rec
ommendation
for
FireFall
My Recommendation for
FireFall
Get it
here
Recommend
3
1
See flagged products
Hide flagged products
Built By the Slant team
Find the best product instantly.
4.7 star rating
Add to Chrome
Add to Edge
Add to Firefox
Add to Opera
Add to Brave
Add to Safari
Try it now - it's free
One sec!
Are you sure that you want to abandon your hard work?
Delete Work
Continue working
{}
undefined
url next
price drop