Lampshade writes:
> Is it possible, in theory, to use pledge(2) to make something similar to firejail?
> https://packages.debian.org/sid/main/firejail
> Firejail is a GNU/Linux program which executes Firefox as its descendant
> with reduced privileges.
> For example I would like to restrict Firefox to not write to or read from directories
> outside the /home/firefox directory. Let's assume that I run firefox as another user than
> my normal account. I would restrict, using traditional Unix privileges, Firefox
> and all its descendants, logging in as another user to regain privileges to,
> for example, /home/open. I imagine that would still leave a huge attack vector
> to pown the system and/or sniff passwords, but I think it is better than nothing.
After the recent Firefox pdf.js exploit (where malicious PDFs on an ad server were reading files under ~, including ssh keys), I started running Firefox as its own user, and tightened the permissions on my home directory so Firefox can't access it. There's a large class of attacks this doesn't help against (anything that uses X to access keystrokes or similar) but it stops a large set of potential Firefox exploits right away with nothing but Unix filesystem permissions.

http://lists.dragonflybsd.org/pipermail/users/2015-August/228324.html

-- 
Anthony J. Bentley
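The "Firefox as its own user" mitigation above only works if your real home directory actually denies access to that second account. The following is an added example, not code from the thread or from either poster: a small POSIX sh script that checks a directory's permission bits portably (via `ls -ld`, which works on GNU and BSD), and lists the root-only setup steps as comments. The account name `firefox` and the use of `xhost` to grant that account X access are assumptions for illustration; the X access is exactly the remaining vector the reply mentions.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread): verify that a home
# directory denies access to other local users, which is what running
# Firefox under a separate unprivileged account relies on.

# Print the 10-character mode string of a path (portable across GNU and BSD ls).
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# Return 0 if DIR has no group or other permission bits set (mode 700 or
# stricter), so a process running as a different, unprivileged user can
# neither read nor traverse it. Owner bits may be rwx or rws.
home_is_private() {
    p=$(perm_string "$1")
    case "$p" in
        d???------) return 0 ;;
        *) return 1 ;;
    esac
}

# Print a verdict and the fix for a directory.
check_home() {
    if home_is_private "$1"; then
        echo "OK: $1 is not accessible to other users"
    else
        echo "WARN: $1 has group/other bits set ($(perm_string "$1")); run: chmod 700 $1"
    fi
}

# Setup for the separate-user approach (assumed account name 'firefox').
# These need root and are shown here, not run:
#   useradd -m -s /bin/sh firefox       # or adduser on BSD/Debian
#   chmod 700 "$HOME"                   # deny the firefox user your files
#   xhost +SI:localuser:firefox         # let it reach your X server;
#                                       # this is the X-based exposure the
#                                       # reply says permissions cannot fix
#   su - firefox -c 'DISPLAY=:0 firefox'

# Demonstration on a constructed temporary directory, so it runs without root.
demo() {
    d=$(mktemp -d)
    chmod 755 "$d"; check_home "$d"   # typical default: other users can traverse
    chmod 700 "$d"; check_home "$d"   # hardened
    rmdir "$d"
}
demo
```

Run it as-is to see both verdicts on a scratch directory; to audit your real account, call `check_home "$HOME"`. The check deliberately inspects only the top-level directory: files below a mode-700 directory are unreachable to other users regardless of their own modes, because the other user cannot traverse it.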