On 08/08/2024 19:44, UDENIX wrote:
https://www.bleepingcomputer.com/news/security/18-year-old-security-flaw-in-firefox-and-chrome-exploited-in-attacks/
I wonder if the sandboxing of Chromium and Firefox on OpenBSD will
prevent it from being affected by this vulnerability.
If you can open LAN pages in your Firefox, then most it will not prevent it.
However, on Linux, running a browser via: firejail
--netfilter=/etc/firejail/nolocal.net will prevent this. That's how I've
been running firefox on my Linux box for years now, it's a simple
shortcut edit change to add firejail. Firejail is very similar to pledge
and unveil, but works in the kernel, not baked in the source code of the
package.
--
With kindest regards, Piotr.
