[Linux-disciples] Running the browser as a separate user
Stephen R Laniel
steve at laniels.org
Wed Oct 19 16:48:26 EDT 2005
My coworker wonders if there's any way for him to force his
browser to run as a separate user every time he invokes it.
The idea is that there are lots of attacks involving
malicious web pages, and he'd prefer for his machine to be
secure against such attacks: even if they managed to get
onto his machine, he'd like them only to have access to user
emptyuser's files.
He could do this by su'ing to the other user, then invoking
the browser from that other user's account. I was thinking
that maybe running the browser as suid 'browser' would do
the trick, but it doesn't do what I'd expect -- namely,
using files under /home/browser/.mozilla/firefox.
Any ideas on a clever way to do this? I think it's a good
idea.
--
Stephen R. Laniel
steve at laniels.org
+(617) 308-5571
http://laniels.org/
PGP key: http://laniels.org/slaniel.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.bostoncoop.net/pipermail/linux-disciples/attachments/20051019/485e81bd/attachment.pgp
More information about the Linux-disciples
mailing list