On Thu, Nov 08, 2018 at 09:45:38AM +0100, Stefan Wollny wrote:
> Am 08.11.18 um 09:03 schrieb Stefan Wollny:
> > Hi there,
> >
> > just a little nit with the iridium-browser unveiled:
> >
> > I changed the 'exec' command in /usr/local/bin/iridium like so:
> > - LANG=${_l} exec "/usr/local/iridium/iridium" "${@}"
> > + LANG=${_l} exec "/usr/local/iridium/iridium" "--enable-unveil" "${@}"
> >
> > With this change I can browse the web as before. BUT: My startpage is a
> > html-file in the users home directory containing a huge collection of
> > links to web sites. I use this file at home and at work where I am
> > forced to use the most popular unsafe OS. With iridium unveiled this
> > page is no longer accessible instead I get 'ERR_FILE_NOT_FOUND'.
> >
> > Switching back to the exec without "--enable-unveil" and iridium finds
> > the file again. Easily reproducible.
> >
> > With other browsers (e.g. FF, otter, netsurf, links+) this particular
> > file is accessible. No reason not to enable unveil on iridium in
> > particular as it just has been updated (in ports).
> >
> Found an easy solution: While access to the user's home directory is not
> permitted, access to the subfolders _is_ allowed. Simply copied that
> particular file to ~/Downloads/, changed the path in iridium's settings
> and we're back to familiar operations. :-)
>
> Now: How to give permission to access my home directory?
>
I'm afraid you are missing the point. If you want it to have access to
your home directory run it without --enable-unveil. For all intents
and purposes that's the same thing as "giving permission to ~/"
The point of unveil in chrome is that it can't exfiltrate your ssh
private key.
--
I'm not entirely sure you are real.
