Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] sandboxing web browsers



Richard Pieri wrote:
> Tom Metro wrote:
>> It's no worse than the previously mentioned solution that required sudo
>> to switch to a dedicated browser user. If you are running a shared
> 
> Docker is "sudo root". Dedicated Firefox user is "sudo !root".
> That's a huge difference.

The Docker daemon runs as root. If the non-privileged user starting FF
is put in the docker group and allowed to start any container, then yes,
they have root. If instead a SetUID script or sudo rule is used to
launch a specific container, which does not launch a root shell, then
the resulting container and FF process won't have root privileges.

In both cases you are using a root-level tool (sudo or Docker) to
perform a privilege escalation in a controlled fashion to allow user X
to execute a process as user Y.

Anyway, in a single user system, you presumably already have sudo on
your own machine, so this is a pointless distinction. (If you don't make
use of the docker group and use sudo to run your docker commands, its no
more of a security threat than anything else you run with sudo.)

The more interesting question is which option better contains the
Firefox process.


> Docker does not work "perfectly well" in the first place in my experience.

That may very well be your experience. But some of us use it daily and
find that it does the intended job.

 -Tom

-- 
Tom Metro
The Perl Shop, Newton, MA, USA
"Predictable On-demand Perl Consulting."
http://www.theperlshop.com/



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org