On Fri 2019-05-03 12:45:17 +0200, intrigeri wrote:
> When we switch to Wayland (#12213) we'll need to change the way we run
> the Unsafe Browser. In particular, we won't be able to run it under
> a dedicated user anymore.
This seems problematic to me. Dedicated user accounts are one of the simplest, most reliable process isolation mechanisms in Unix.

I scanned https://redmine.tails.boum.org/code/issues/12213 briefly but didn't see any mention of a bug report/feature request to the Wayland developers about this gap, other than this FAQ: https://fedoraproject.org/wiki/Common_F25_bugs#Running_graphical_apps_with_root_privileges_.28e.g._gparted.29_does_not_work_on_Wayland (which seems like it's more about not wanting to leak root privs, not about dedicated non-priv users).

I think this would be worth raising with Wayland upstream if it hasn't been raised already, pointing out that there are good security reasons to want to run applications under user isolation.

--dkg
_______________________________________________ Tails-dev mailing list [email protected] https://www.autistici.org/mailman/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
