In case you are tired of yet another unknown web browser vulnerability, you might
try firebox. This small script sets up a chroot environment for firefox which then runs
unprivileged, has no access to suid-files, /proc, /dev, /sys etc and can only create files
inside a loopback mount; so possible exploits triggered from evil websites can't modify
your homedir or system-files (as long as theres no kernel-0day of course :-).
Java, flash and all that sh** is not working yet but that might even be an advantage.
skip to main |
skip to sidebar
Where ya from
Posts
Like c-skills' projects?
Links/Rechts
- this
- my github
- follow me on twitter
- MTU Ninja blog
- Geoff Hustons network blog
- bits please
- my aimful life
- GDR crypto archive
- communists computers
- Top Level Telcos
- Kees' codeblog
- jeffrey carr on cyberwar
- Nion's blog
- packet foo
- grugq's hacker opsec
- c++ blog
- frama-C blog
- lcamtuf's
- Harld Welte's blog
- openbts chronicles
- google security blog
- nerdling sapple
- home.regit.org
- root labs rdist
- xorl %eax, %eax
- Trail of Bits
- Julien's blog
- ithilgore's blog
- Openwall Project
- trapkit
- pagetable.com
- grsecurity
- recurity lablog
- Halvars blog
- OSS Security Wiki
- Modern C++ stories
- C++ Core Guidelines
- phoronix news
- coindesk
- distrowatch
- Fefe's blog
Blog Archive
About Me
- Sebastian
- Disclaimer: This is my personal and private weblog. The views expressed on this website/weblog are mine alone and do not necessarily reflect the views of my employer.
3 comments:
well done, herr sepp! ;)
I agree with you about these. Well someday Ill create a blog to compete you! lolz.
Don't forget about X11 holes. Firefox can still talk to your X server (which runs as root and with extra I/O privileges), right?
Post a Comment