Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] sandboxing web browsers

On 6/21/2015 3:23 PM, Tom Metro wrote:
> It's no worse than the previously mentioned solution that required sudo
> to switch to a dedicated browser user. If you are running a shared

Docker is "sudo root". Dedicated Firefox user is "sudo !root".
That's a huge difference.


> That's the recommended philosophy for using Docker in production
> environments, but Docker also works perfectly well in a copy-on-change
> model, just like a VM. Update the browser in-situ. (You can save the
> state of the container if you want to be able to instantiate (or share)
> clones of the updated container image.)

Docker does not work "perfectly well" in the first place in my experience.

-- 
Rich P.
BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix / webmaster@blu.org