These kinds of bugs are terrifying. You’re one click away in a browser from getting your home directory curled to the malicious third party.
It’d be great to have browsers use syscalls like pledge + limit the filesystem access to basically zero so RCE is not as disastrous. Unless something similar is already being done.
Wouldn’t running the browser in something like bubblewrap prevent that?
It depends! Most browsers already use sandbox primitives provided by the operating system. Layering this with another sandbox might provide a second layer of defense, but it’s also a known source of crashes. I know that Firefox is unstable and more crashy when using e.g. Sandboxie under Windows.
I don’t think that’s true. This is a memory-safety bug in the JavaScript component, which is usually within the sandbox. For home directory access, an attacker would have to find another bug, a sandbox bypass. These are generally harder to find and exploit.
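Added example, not posted by anyone in the thread: the pledge-style idea from the second comment and the bubblewrap question. pledge(2)/unveil(2) only exist on OpenBSD, so this uses Linux seccomp-bpf instead, which is the same primitive Chromium's Linux renderer sandbox is built on. A parent forks a child, the child installs a filter that makes every file-open syscall fail with EPERM, and the parent reports whether the child could still open a path. Assumptions: Linux with seccomp filter support, glibc, x86_64 or aarch64; the function names are mine.

```c
// Added example: deny file opens in a child process with seccomp-bpf.
// Assumes Linux (CONFIG_SECCOMP_FILTER), glibc, x86_64 or aarch64.
#include <errno.h>
#include <fcntl.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__x86_64__)
#define SANDBOX_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define SANDBOX_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS SECCOMP_RET_KILL
#endif

/* Each syscall we refuse costs two instructions: if nr != X skip the next
 * instruction, otherwise return EPERM to the caller instead of running it. */
#define DENY_WITH_EPERM(nr)                                                   \
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (nr), 0, 1),                          \
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA))

/* Install a filter that fails open-family syscalls with EPERM and allows
 * everything else. Returns 0 on success, -1 (errno set) if it cannot. */
static int deny_file_opens(void)
{
    struct sock_filter filter[] = {
        /* Kill the process if the syscall ABI is not the one we compiled for,
         * so a 32-bit compat syscall cannot dodge the numbers below. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SANDBOX_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        /* Load the syscall number and check it against the deny list. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
#ifdef __NR_open
        DENY_WITH_EPERM(__NR_open),
#endif
        DENY_WITH_EPERM(__NR_openat),
#ifdef __NR_openat2
        DENY_WITH_EPERM(__NR_openat2),
#endif
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])),
        .filter = filter,
    };
    /* Unprivileged processes must promise never to gain privileges
     * (no setuid exec) before the kernel lets them install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
        return -1;
    return 0;
}

/* Fork, optionally sandbox the child, and try to open `path` read-only there.
 * Returns 0 if the child opened it, the child's errno if open() failed, or
 * -1 if the filter could not be installed or the child did not exit cleanly. */
int try_open_in_child(const char *path, int sandboxed)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (sandboxed && deny_file_opens() != 0)
            _exit(255);
        int fd = open(path, O_RDONLY);
        if (fd >= 0) {
            close(fd);
            _exit(0);
        }
        _exit(errno & 0xff);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    int code = WEXITSTATUS(status);
    return code == 255 ? -1 : code;
}

int main(void)
{
    const char *home = getenv("HOME");
    if (home == NULL)
        home = "/";
    printf("unsandboxed open(%s) -> %d\n", home, try_open_in_child(home, 0));
    printf("sandboxed   open(%s) -> %d (EPERM is %d)\n", home,
           try_open_in_child(home, 1), EPERM);
    return 0;
}
```

The filter only stops the child from opening new paths; file descriptors it already holds, or that a broker process hands it over IPC, keep working, which is exactly how a real browser sandbox is structured and why, as the last reply says, exfiltrating the home directory from a renderer needs a second bug that gets past that boundary.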