From owner-freebsd-questions@FreeBSD.ORG Sat Jan 9 18:37:51 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7DFE2106568D for ; Sat, 9 Jan 2010 18:37:51 +0000 (UTC) (envelope-from kraduk@googlemail.com) Received: from mail-fx0-f227.google.com (mail-fx0-f227.google.com [209.85.220.227]) by mx1.freebsd.org (Postfix) with ESMTP id 138708FC1D for ; Sat, 9 Jan 2010 18:37:50 +0000 (UTC) Received: by fxm27 with SMTP id 27so5575263fxm.3 for ; Sat, 09 Jan 2010 10:37:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=ackzzSmVbT0qVKHTfjPkpuX3KV9dbOAbbJjhxw/EAoo=; b=ah6Z1/W/HZ9+nJgjZH+DIqB2qvdDrEFz5hAONwJb9mt7QqsrVuJISS7MF3Igwd7zQ0 dft2jq6t31wSoQYivLp7kEp++mlqERv0C4lvynRrKlN1+kdpv719FhdihdKnNmOoQRTr xp9F4o8S4a4fqbZjRf3ZpZk14g9rHGTdd6QQU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=uEX0u3h8pg/S3idH0uqaR1MgTKFmWOWheoDyfXHzKLGv1pw9+IBLkZRBzT2zn6y3Vg b94pV6vZPUcvjeysYApcgtUEVqbCPYKHn5JMxrjOevE8UxBv8yxAwjIxMn8asBSJDFhS yL/1XNuPvU1DswiyZpOeSa8GPtng/q5kdiHFA= MIME-Version: 1.0 Received: by 10.239.158.208 with SMTP id v16mr1956281hbc.69.1263062263315; Sat, 09 Jan 2010 10:37:43 -0800 (PST) In-Reply-To: <1263029204.27527.21.camel@ubuntu> References: <1263029204.27527.21.camel@ubuntu> Date: Sat, 9 Jan 2010 18:37:43 +0000 Message-ID: From: krad To: Vadkan Jozsef Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: FreeBSD Mailing list Subject: Re: chroot a few apps X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Jan 2010 18:37:51 -0000 2010/1/9 Vadkan Jozsef > Hi. > > What kind of chroot should I use, if I want to make a more secured > desktop, running e.g.: > > pdf reader > webbrowser > audio player > video player > openoffice > picture viewer > mua > ooo > virtualbox > > e.g.: if theres a javascript vulnerability in google chrome [I haven't > heard a NoScript extension for it :( ] a chroot would be good for > stopping it from doing something bad with the whole system. > > or e.g.: I have to open a .doc file, that I don't trust, or a PDF can > contain malicious code :( > > Any tips/docs/howtos? > > Thank you! > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > the best way might be to look at implementing the trusted bsd mac system. It's a bit hairly though and would take a while to get your head around