Replies: 1 comment 4 replies
-
You can not start a new sandbox inside a sandbox (firejail always inherits). Therefore you need to start the node script in an unsandboxed context. You could run WebStorm unsandboxed (Personally I don't understand why IDE should we "sandboxed". The sandbox for IDEs is always (very) weak because they need to run/debug/compile/test/... any code.) or you use #!/bin/sh
systemd-run --user --quiet --no-block /usr/bin/firejail --profile=nodejs /usr/bin/nodejs "$@" IDK how WebStorm works, maybe you can directly configure to use this command or you place it in 1 The |
Beta Was this translation helpful? Give feedback.
-
The Node scripts I run have no reason to access
~/.ssh
, and thenodejs-common
profile rightfully blacklists that directory.WebStorm however, is permitted to access
~/.ssh
(rightfully).The problem arises when debugging Node scripts with WebStorm:
How could I blacklist additional directories from the Node script when it's launched by WebStorm?
Beta Was this translation helpful? Give feedback.
All reactions