Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Use different users and/or virtual machines if you want security.

BTW, Firejail is also shit, it had some stupid design decisions and security bugs. And it basically relies on Userspace namespaces which are or were an experimental/unsecure feature in Linux.

Wayland's security model is bonkers because the attack surface it implies is just too great.

BTW, Is useradd not usable for you?



> Use different users and/or virtual machines if you want security.

The Internet is so important that for daily computer usage I, and probably everyone else, have a browser open at basically any point in time.

So do you want me to switch users between the $browser_user and $main_user every 5 minutes I need to do something outside of the browser?


>Do you want me to switch users between the $browser_user and $main_user every 5 minutes I need to do something outside of the browser?

xnest[1], ftfy

[1] https://www.x.org/archive/X11R7.5/doc/man/man1/Xnest.1.html


I just run chromium as my main user (but usually with a temporary scripted --user-data-dir and HOME environment variable), because it is relatively secure.

And switching Linux consoles/X servers is just two key presses anyway.


Correction: usually it is three key presses: Control, Alt, F3; for example.


> and/or virtual machines if you want security.

... and w.r.t. that: The modern JavaScript jungle that is the Internet is slow enough already. And we're not even getting started with watching videos here...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: