> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Bob Smith > Sent: Wednesday, December 14, 2005 11:37 AM > To: J. C. Roberts > Cc: misc@openbsd.org > Subject: Re: browser security > > thanks for the explanation. > > so it would be less work to try to chroot a browser then to make a > virtual machine? perhaps its even a better way of isolating? > > i googled around a bit and found some threads about people trying to > chroot their browsers, but i couldnt find any successful story. is it > practically doable? > > looking at other troublesome programs; they come chooted by default on > openbsd. is there any effort being made by others than vmware to > isolate browsers? > > seems to me like it would be a step in the right direction? >
Anyone dare try making a systrace policy for firefox?