Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Firejail and firefox for VirtualBank

Graphical Environments, Managers, Multimedia & Desktop questions.
Post Reply
Message
Author
User avatar
bester69
Posts: 2072
Joined: 2015-04-02 13:15
Has thanked: 24 times
Been thanked: 14 times

Firejail and firefox for VirtualBank

#1 Post by bester69 »

Hi,
I wanted to know if what i did is correct; I created a clean firejail firefox-home, set sync settings-firefox and stored it in a tar file.

So my script looks like:
firesec.sh

Code: Select all

killall firejail
rm -rf ~/.firesec
tar -xvf ~/LINUXDEBS/NOBACKUP/firesec.tar
firejail --private=/home/myuser/.firesec --dns=8.8.8.8 --dns=8.8.4.4 firefox-esr -no-remote &
firesec.tar contain the fresh clean home-firejail created in first boot for firefox app, i just added sync parameter to enjoy historial and bookmarks in the clean home.

what do you think, is there any security hole in that? :roll:
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...

User avatar
debiman
Posts: 3063
Joined: 2013-03-12 07:18

Re: Firejail and firefox for VirtualBank

#2 Post by debiman »

bester69 wrote:what do you think, is there any security hole in that? :roll:
yes, the google nameservers.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Firejail and firefox for VirtualBank

#3 Post by Head_on_a_Stick »

Also, the Linux kernel itself is vulnerable to a broad range of exploits thanks to the developers' refusal to prioritise security-related bugs until relatively recently.

So to presume that the same developers can then conjure up a "secure layer" is rather optimistic, in my opinion.

There have been many demonstrated vulnerabilities in the kernel namespace feature (used by firejail & co.), I think it would be folly to rely on it too much.

I can recommend OpenBSD for online banking use, their kernel has been designed with exploit prevention in mind for the last 20 years 8)

Always remember:
NSA wrote:Security is a state of mind.
deadbang

Post Reply