Package: firejail Version: 0.9.38-1 Severity: wishlist
At the moment there is no way to make all programs start with firejail automatically. Beginner users can't be expected to start a terminal every time they want to launch a program. This usability problem can be a hurdle for widespread adoption.
The suggestion in firejail documentation is to create a symlink between a binary's folder and firejail but unfortunately this solution is not maintainable on its own because package upgrades will overwrite the symlinks.
I propose instead for a set of (optionally enabled) dpkg wrapper scripts that rely on config-package-dev to maintain symlinks of the protected programs across package updates. config-package-dev uses the dpkg-divert operation for moving packaged files to alternative locations.
https://debathena.mit.edu/config-packages/