I have completed writing and pretty thoroughly testing this sandbox creator. Written entirely in bash (1300 lines) and using only core commands like mount and chroot for sandbox creation, I believe it is quite secure and fills a niche for an easy to use sandbox for Firefox. It can also create and use multiple sandboxes and can run any program in them with flexible profiles.
The basic idea of a sandbox, for those not familiar, is that Firefox (or whatever app you run in it) can only access the files and folders you specify. This includes Java, Flash, plugins, and other components running under Firefox. Windows7 reportedly runs IE in a sandbox, Chrome runs in a sandbox, and Fedora 12 includes this ability. I haven't found any good easy-to-use tools for doing this on Ubuntu or Arch, which is what led to Sandfox.
Rather than repeating all that's on the website I'll just drop a link - which includes a fairly detailed "How It Works" section. I appreciate feedback on your results with it, suggestions, problems, etc.
http://igurublog.wordpress.com/downl...cript-sandfox/
The basic idea of a sandbox, for those not familiar, is that Firefox (or whatever app you run in it) can only access the files and folders you specify. This includes Java, Flash, plugins, and other components running under Firefox. Windows7 reportedly runs IE in a sandbox, Chrome runs in a sandbox, and Fedora 12 includes this ability. I haven't found any good easy-to-use tools for doing this on Ubuntu or Arch, which is what led to Sandfox.
Rather than repeating all that's on the website I'll just drop a link - which includes a fairly detailed "How It Works" section. I appreciate feedback on your results with it, suggestions, problems, etc.
http://igurublog.wordpress.com/downl...cript-sandfox/
Frankly, I wrote this primarily for my own use, so at least you know I paid attention. (I find the problem with a lot of software is that the devs don't use their own software.) Anyway, thought I would share it because there aren't many easy to use tools for this, and it's a valuable ability.
Comment