![]() The most important reason, though, is data separation. To be honest Chromium does use sandboxing by design for security measures. For most users it will be overkill (and a hassle) to work on a clean-slate browser each and every day, and forego the ease of not having to punch in long passwords, using bookmarks or suggestions based on history. In case of a sandbox breakout that allows the attacker to read an arbitrary file, it’s game over. ![]() ![]() Browsing in a protected environment has no effect if, for example the host system itself is malware-infected. Some people will argue that this is an overreaction, and it probably is. This way you (hopefully) keep your host machine clean and safe, manage used resources, and also have more control about the information you accidentally spread online, by running a separated “social media browser”, “e-banking browser” or “danger browser”. ![]() The basic idea is that you can run a process in your system (in this case, a browser session), on a limited-access sandbox/jail/container/docker/whatever that you can easily wipe to a clean snapshot. What is a ‘jailed’ or ‘sandboxed’ browser.? ![]()
0 Comments
Leave a Reply. |