Hi misc, I was wondering if you could give me some input about the following security matter. It seems to me that using a web-browser, an email client, and a chat client (if permitted at all) are the un-safest forms of interaction of a typical desktop user with his/hers computer. Apart of standard protective techniques as using a web-proxy is there are any benefit in running web-browser in chroot environment per user? It looks to me no, especially in a light of the fact that application must have the access to X server. Could anybody elaborate on what would be a typical desktop application, if any, which would be a good candidate for chroot.
Thanks, Predrag
