On Sun, Jun 21, 2015 at 4:19 PM, Richard Pieri <[email protected]> wrote:
> On 6/21/2015 9:18 AM, Bill Bogstad wrote:
>
>> I use multiple Firefox user profiles instead. Some of them allow
>> cookies/javascript and others do not.
>> This probably doesn't help memory usage, but it does allow some (small?)
>> security benefits.
>
> Or use a script blocker like NoScript or uBlock. These offer significant
> security benefits and significantly reduce memory footprint.

I do that as well. Some of my Firefox profiles have NoScript and others do not. I have a "junk" profile which has nothing installed, but allows everything, but discards all history/cookies/etc. when I exit it.

>> I'm curious though, how this other user account gains access to your X
>> server. Allowing other
>> user ids to write on your screen/capture key & mouse events seems to me to
>> be a potential issue.
>
> May need to use xhost to allow the second user access to the X server,
> something like this:
>
>     xhost +SI:localuser:myffuser
>     sudo -u ffuser /usr/bin/firefox
>     xhost -SI:localuser:myffuser
>
> It's not an issue on a single user box; it's the same user (human) with a
> different UID.

This is where I disagree. If it doesn't increase security over using the same UID, why bother? And I'm not sure it really increases security all that much.

For example, breaking out of a browser to run arbitrary code on the same box as my "real" user id is still a potential security problem. Any OS level bugs that aren't network exploitable are now in play. A bit like having a guest account on the machine. Not something that most people do anymore.

Second, if that user id has the privileges to pop up windows on the same X server as my "real" user id, I might get spoofed, have my screen or even possibly my keystrokes captured. It will depend on how my X server is set up (and its security).

While it isn't a bad idea to run the browser as a different user, I think it is more like a speed bump or a chain link fence than a vault door. Better might be a chrooted environment, Linux container (docker?), or even VM.

Now, I have to say that I'm not paranoid enough to bother with this. I guess it depends on why you do it. If it is for user tracking control, I think different user profiles are sufficient. If the intent is better security, I'm not sure it is an improvement.

Bill Bogstad
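
Added example, not part of the original thread: a small shell check of the X server access list that `xhost` prints, flagging every entry that lets anything other than the session owner connect, which is the exposure discussed above. The function name `audit_xhost`, the user name `bill` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# audit_xhost USER
# Reads the output of `xhost` (no arguments) on stdin and reports every
# access-list entry that admits something other than USER.
# Returns 0 when nothing was flagged, 1 otherwise.
audit_xhost() {
    me="$1"            # user name that owns the X session
    findings=0
    while IFS= read -r line; do
        case "$line" in
            "access control disabled"*)
                # Result of a bare `xhost +`: the access list is not enforced.
                echo "CRITICAL: access control is disabled; any client may connect"
                findings=$((findings + 1)) ;;
            "access control enabled"*|"")
                ;;                      # status line or blank line
            "SI:localuser:$me")
                ;;                      # the session owner: expected
            SI:localuser:*)
                echo "WARN: local user '${line#SI:localuser:}' is allowed to connect to this display"
                findings=$((findings + 1)) ;;
            *)
                # Host-based or other entries (e.g. INET:..., LOCAL:)
                echo "WARN: entry '$line' admits clients other than $me"
                findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample: what `xhost` prints after the `xhost +SI:...` step
# quoted in the thread, if the matching `xhost -SI:...` was never run.
SAMPLE_XHOST_OUTPUT='access control enabled, only authorized clients can connect
SI:localuser:bill
SI:localuser:myffuser'

printf '%s\n' "$SAMPLE_XHOST_OUTPUT" | audit_xhost bill || true

# On a live session: xhost | audit_xhost "$(id -un)"
```
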
