Date: Wed, 8 Nov 2006 12:41:52 +0000 From: "mal content" <artifact.one@googlemail.com> To: freebsd-security@freebsd.org Subject: Re: Sandboxing Message-ID: <8e96a0b90611080441t2b486637ya10acd5a1dd77690@mail.gmail.com> In-Reply-To: <8e96a0b90611080439n558022edj79febf458494ef6e@mail.gmail.com> References: <8e96a0b90611080439n558022edj79febf458494ef6e@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 08/11/06, mal content <artifact.one@googlemail.com> wrote: > Hi. > > This is mostly hypothetical, just because I want to see how knowledgeable > people would go about achieving it: > > I want to sandbox Mozilla Firefox. For the sake of example, I'm running it > under my own user account. The idea is that it should be allowed to > connect to the X server, it should be allowed to write to ~/.mozilla and > /tmp. > > I expect some configurations would want access to audio devices in > /dev, but for simplicity, that's ignored here. > > All other filesystem access is denied. > > Ready... > > Go! > > MC > I forgot to add: Use of TrustedBSD extensions is, of course, allowed.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8e96a0b90611080441t2b486637ya10acd5a1dd77690>