Sandbox the Unsafe Browser
When a container-based solution becomes a viable, secure solution for creating isolated jails, the chroot approach used by the unsafe browser will be easily adaptable to that for added security by isolation.
Alternatively, AppArmor confinement should be considered.
- Subject changed from unsafe browser: LXC to Contain the unsafe browser
- Starter set to No
- Type of work changed from Wait to Code
- Subject changed from Contain the unsafe browser to Sandbox the Unsafe Browser
- Related to deleted (Feature #5385: Have 3 AppArmor profiles in enforce mode)
- Blocked by deleted (Feature #6178: Evaluate current state of Linux namespaces)
Also available in: Atom