chroot (sandbox) your browser?

Posted: Sat Dec 20, 2014 12:33 pm
by kode-niner
Anybody consider doing this? With the excellent security (NOT) of flash, java and plugins for whatever browser you use, this is a thing I've been doing on my permanent installs. Although I admit I've been slacking lately so I'm revising my Toughbooks.

Why do this? Running stuff in a chroot jail makes sure that if your application runs amok and tries to pwn your system, it won't get very far and access all your files, or worse. The problem is techniques vary and results can be less than perfect if you want to launch a chroot browser in one command or menu item.

Re: chroot (sandbox) your browser?

Posted: Sat Dec 20, 2014 10:15 pm
by UNCNDL1
I'll have to do some reading on this and try it out. Any tips or pitfalls?

Re: chroot (sandbox) your browser?

Posted: Sun Dec 21, 2014 3:41 pm
by kode-niner
Look into chroot and debootstrap for creating a chrooted environment to play with. The caveat with this is that almost all methods require you to use sudo or edit /etc/sudoers if you want to make launching your browser as simple as possible.

Another method was to launch your browser under an unprivileged user. The point for that was to run the browser process under a bogus user that has access to absolutely nothing but his own files. It's not as secure as a chroot but in my opinion works sufficiently well, but the methods could get messy and require scripts and using xhost to allow this user to connect to the X server to launch the application.

Right now I stumbled upon sandfox http://igurublog.wordpress.com/download ... t-sandfox/ which attempts to make running sandboxed processes much easier. It's quite simple to install but it does require more sudo-ing. I'll look into this and any other easy methods and post back here. Right now I'm going to play with sandfox and attempt to understand how it works.

Re: chroot (sandbox) your browser?

Posted: Mon Dec 22, 2014 10:53 am
by kode-niner
Interesting. sandfox sort of creates a chrooted environment in temporary mount points in order to isolate and execute applications. It's only working on my desktop PC so far and I haven't tried it on anything other than my CF-19 Debian workhorse. I am currently taking a closer look at how it copies and saves firefox/iceweasel or other browser profiles between sessions, so that you can keep your bookmarks and plugins intact.

Re: chroot (sandbox) your browser?

Posted: Mon Jan 12, 2015 2:01 pm
by kode-niner
I've been gone for a while, folks. I'm back! I'm going to post the best method for chrooting your browser in a bit, which is a full chroot with debootstrap. Sandfox is proving to be unreliable. I have my desktop PC to set up soon so I'll take notes.

Re: chroot (sandbox) your browser?

Posted: Wed Jan 28, 2015 3:47 pm
by kode-niner
Just to let you guys know I haven't forgotten this. Just been kind of busy. And when I'm not, I just want to disconnect my brain and stay away from keyboards.

Re: chroot (sandbox) your browser?

Posted: Wed Jan 28, 2015 7:14 pm
by UNCNDL1
Wondering if certain browsers are better than others along with what you are talking about, i.e. this one:
http://www.dillo.org/

Re: chroot (sandbox) your browser?

Posted: Thu Jan 29, 2015 9:01 am
by kode-niner
Quite possibly. But it's Adobe Flash, Javascript and JRE that are making me paranoid. On Windows, having software silently installed and infect your system by just browsing a site is comically common. I'd like to avoid full access to my files from my browser process on my Linux systems.

Re: chroot (sandbox) your browser?

Posted: Thu Jan 29, 2015 9:34 am
by glitch
I rebuild my systems so often it is not a concern, but have you looked into selinux, and the package "harden"? I have just found that one of our professors here at school would like to make a hacking team; he deals with security stuff. When I learn stuff from him I will relate it here.

Windows didn't understand ownership and file permissions and as a result the virus/malware/spyware grew.

I will look around and see if I can find anything to help. I was thinking you could write a bash script to launch everything. There is a command that lists which process is linked to which process, but I can't recall it at the moment. I will find it and then you can pipe its output through grep to a file to track what "browser" it connected or is calling to.

Off to class.

Re: chroot (sandbox) your browser?

Posted: Fri Jan 30, 2015 7:40 am
by kode-niner
The command to find out what files are currently being accessed by a running process is lsof. With no arguments or grepping, it lists all open files.
For example:

    lsof | grep firefox

But that's beside the point. What you need to know is what user can access which files or directories. This is the most basic way to display this info and I am aware that there are better methods.
Log in as the non-root user, then:

    find / -readable

Or what can be modified:

    find / -writable

or executed:

    find / -type f -executable

When a process is launched under that user, such as a child process from a java applet running under your browser, it could technically access all those files and directories. SELinux won't help you since this is just a basic permissions issue. You quite simply don't want untrusted processes to be able to access files and run commands under that user. And don't get me started with an OS that by default allows regular joe user to use sudo without a password.

There are two ways of keeping a process such as a browser from reading files that it shouldn't. One is to run the process under another user and group that doesn't have free rein over the rest of your other users' files. It's not perfect since there are always files every user needs to see such as /etc/passwd, and it can still execute any binary or script under that user. The other way is to run it in its own chroot jail, and that is what I am going to explain here.
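The three find commands in the post above list every file the current user can read, write or execute, which on a real system is thousands of lines. The script below is an added example, not something posted in this thread, that wraps the same GNU find tests (-readable, -writable, -executable) into a short "reach" summary you can run as the dedicated browser user to see how much of the filesystem it could touch, and which directories hold the most writable files. The function names and the constructed demo tree are mine; the only assumption is GNU find, which the thread's commands already rely on.

```shell
#!/bin/sh
# Added example (not from the thread): summarise what the *current* user can
# reach under a directory tree, using the GNU find tests the post shows
# (-readable, -writable, -executable). Run it as the unprivileged browser
# user to see how much of the filesystem that user could touch.

# count_reach <dir> <test> -> number of regular files under <dir> for which
# the given find test (readable | writable | executable) holds.
count_reach() {
    find "$1" -type f "-$2" 2>/dev/null | wc -l | tr -d ' '
}

# reach_report <dir> -> three-line summary of readable/writable/executable counts.
reach_report() {
    dir=$1
    printf 'readable   %s\n' "$(count_reach "$dir" readable)"
    printf 'writable   %s\n' "$(count_reach "$dir" writable)"
    printf 'executable %s\n' "$(count_reach "$dir" executable)"
}

# top_writable_dirs <dir> [n] -> the n directories holding the most files this
# user can modify; these are where a misbehaving browser process could drop data.
top_writable_dirs() {
    find "$1" -type f -writable 2>/dev/null \
        | sed 's:/[^/]*$::' | sort | uniq -c | sort -rn | head -n "${2:-5}"
}

# make_demo_tree -> builds a constructed sample tree in a temp dir and prints
# its path: one private file (0600), one read-only file (0444), one script (0755).
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/private" "$d/shared"
    printf 'secret\n' > "$d/private/notes.txt";           chmod 600 "$d/private/notes.txt"
    printf 'public\n' > "$d/shared/readme.txt";           chmod 444 "$d/shared/readme.txt"
    printf '#!/bin/sh\necho hi\n' > "$d/shared/run.sh";   chmod 755 "$d/shared/run.sh"
    printf '%s\n' "$d"
}

# Usage: sh reach.sh --demo          (constructed tree, then cleaned up)
#        sh reach.sh /               (real audit; run as the browser user)
if [ "${1:-}" = "--demo" ]; then
    tree=$(make_demo_tree)
    echo "Reach of $(id -un) under constructed tree $tree:"
    reach_report "$tree"
    echo "Directories with the most writable files:"
    top_writable_dirs "$tree"
    rm -rf "$tree"
elif [ -n "${1:-}" ]; then
    reach_report "$1"
    echo "Directories with the most writable files:"
    top_writable_dirs "$1"
fi
```

On the demo tree a normal user sees 3 readable, 2 writable and 1 executable file (the 0444 file is readable but not writable); run as root the writable count rises to 3, which is exactly the post's point about how far an untrusted process gets when it runs as an over-privileged user.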