Firejail and firefox for VirtualBank

Everything about X, Gnome, KDE, ... and everything running on it

Firejail and firefox for VirtualBank

Postby bester69 » 2017-05-19 05:06

Hi,
I wanted to know if what i did is correct; I created a clean firejail firefox-home, set sync settings-firefox and stored it in a tar file.

So my script looks like:
firesec.sh
Code: Select all
killall firejail
rm -rf ~/.firesec
tar -xvf ~/LINUXDEBS/NOBACKUP/firesec.tar
firejail --private=/home/myuser/.firesec --dns=8.8.8.8 --dns=8.8.4.4 firefox-esr -no-remote &


firesec.tar contain the fresh clean home-firejail created in first boot for firefox app, i just added sync parameter to enjoy historial and bookmarks in the clean home.

what do you think, is there any security hole in that? :roll:
User avatar
bester69
 
Posts: 863
Joined: 2015-04-02 13:15

Re: Firejail and firefox for VirtualBank

Postby debiman » 2017-05-19 05:22

bester69 wrote:what do you think, is there any security hole in that? :roll:

yes, the google nameservers.
User avatar
debiman
 
Posts: 1086
Joined: 2013-03-12 07:18

Re: Firejail and firefox for VirtualBank

Postby Head_on_a_Stick » 2017-05-19 06:05

Also, the Linux kernel itself is vulnerable to a broad range of exploits thanks to the developers' refusal to prioritise security-related bugs until relatively recently.

So to presume that the same developers can then conjure up a "secure layer" is rather optimistic, in my opinion.

There have been many demonstrated vulnerabilities in the kernel namespace feature (used by firejail & co.), I think it would be folly to rely on it too much.

I can recommend OpenBSD for online banking use, their kernel has been designed with exploit prevention in mind for the last 20 years 8)

Always remember:
NSA wrote:Security is a state of mind.
“Controlling complexity is the essence of computer programming."Brian Kernighan

Please read before posting How to report a problem
User avatar
Head_on_a_Stick
 
Posts: 6491
Joined: 2014-06-01 17:46
Location: /dev/chair


Return to Desktop & Multimedia

Who is online

Users browsing this forum: No registered users and 5 guests

fashionable