Bob Smith wrote: > vmware recently released a program which kind of > chroot jails the browser. > http://www.vmware.com/vmtn/vm/browserapp.html > > im not a programmer myself, but i was wondering > if perhaps using a similar technique we could lock > down the browsers in openbsd? > > seems to me that would increase security greatly > for us who surf the web on openbsd boxes? or > am i mistaking?
Isn't this a mute point. I mean, unless you are surfing the web as root, any remote browser exploit would only effect the user and a logoff and login again would sort out *most* problems associated with remote exploits. Bareing in mind, that most remote browser exploits require you to be running windows as it is the windows / browser intergration which contains bugs. I just figure that the same reason *nix is not plagued by virii is the same reason chroot/vitual machined browsers are unnessacary and wouldn't increase security, only complexity. And it is through complexity that flaws are created and exploited.