
Desktop privacy & security of web browsers on Linux part 1: concepts and theory - nextime
https://www.nexlab.net/2016/08/06/desktop-laptop-privacy-security-of-web-browsers-on-linux-part-1-concepts-and-theory/
======
bennofs
Improving Linux desktop security beyond "if you PWN one program, you PWN the
whole desktop session" is going to be hard. X11 has no separation, so talking
about this really only makes sense when using Wayland, which is nowhere near
default yet.

A problem with this particular approach is that chrome-trusted for example
will no longer have access to the session's DBus, so it cannot show any
notifications for example. And DBus, like X11, does not provide any separation
right now as far as I'm aware (it has support for authentication, but in
practice, `external` is used most of the time which is based on UID).

The only variant that might provide a real security benefit here is the
-paranoid one, as that does not share the X11 server session.

~~~
nextime
Have you read the post?

Yes, X11 has no separation, but you can use multiple X11 isolated sessions,
like I do in this config I'm explaining in this post.

~~~
nextime
OK, you read it and are aware of the -paranoid with xpra. Great. Anyway, there
is no way to obtain perfect security, this is just a little improvement, as I
explained.

------
nefariousoctopi
This is pretty much what Firejail [1] does (except the page trust level) and
using it is fairly straightforward. I had some issues running a separate X
server though (as far as I know, this is still more or less an experimental
feature).

[1]: https://firejail.wordpress.com/

~~~
nextime
Yes, this isn't anything new, just an example setup of firejail and some sugar
added.

------
monort
Does someone run a similar setup but with xpra + VM? Is it usable?

~~~
nextime
Not for sandboxing reasons, but I've used kvm + xpra for other things. It's
usable, but of course the VM needs a lot more resources.

