Subj : Re: NetBSD 10
To   : Arelor
From : Gamgee
Date : Wed Apr 03 2024 07:49 am

-=> Arelor wrote to Gamgee <=-

 Ar> Re: Re: NetBSD 10
 Ar> By: Gamgee to Arelor on Tue Apr 02 2024 08:20 pm

 > Ar> 5) Their sandboxing frameworks are much simpler to understand and
 > Ar> blow Linux equivalents out of the water for applications in small
 > Ar> deployments.
 > Okay, but not something I use/need.

 Ar> I personally think a modern, usable framework for privilege
 Ar> separation and access permissions for programs is overdue in
 Ar> vanilla Linux. It is a basic feature nowadays that works
 Ar> automagically on stuff like Android.

As I said in a previous reply, we may be talking about different
use-cases of whatever *nix ... My case is a simple home LAN scenario,
not commercial or large-scale. I solve privilege/access issues like
*nix always has - with user/group settings. And even that is pretty
limited, as I'm basically the only user on my systems. Wife is a
confirmed Win-droid. :-)

 Ar> On OpenBSD, firefox installs get sandboxed by default. You are
 Ar> guaranteed firefox won't make any system call a web browser is
 Ar> not supposed to make and you are guaranteed it won't try and
 Ar> access files out of its sandbox. This is the _default_
 Ar> configuration in OpenBSD and requires no effort. You just pkg_add
 Ar> your firefox and you get a jailed web browser. This is how it
 Ar> should work in Linux and this is what they are trying to
 Ar> accomplish in Linux with mixed results.

Not something I would need.

 Ar> The Linux approach is to either use packaging that includes
 Ar> sandboxing (such as flatpak) or to use some mandatory access
 Ar> framework (such as AppArmor). Stuff like flatpak suffers because
 Ar> they usually give too much access to the programs they are
 Ar> running - like they go and create a sandbox which includes all of
 Ar> your $home in [!!!]). SELinux will make your head hurt very
 Ar> badly. AppArmor is fine but requires you to load an apparmor
 Ar> profile for your applications, and the profiles included with
 Ar> distributions are either too limited or outright broken. Linux
 Ar> distributors have this idea that they ought to have proper
 Ar> privilege separation for programs but they still don't get it
 Ar> quite right. You can eventually sandbox your stuff properly but
 Ar> it hits the "too effort intensive" mark very fast.

Have never used (or needed) anything like that.

.... So easy, a child could do it. Child sold separately.

=== MultiMail/Linux v0.52
--- SBBSecho 3.20-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (21:2/138)
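Arelor's complaint above is that a Flatpak-packaged browser often ships with a sandbox that grants the whole of $HOME. The script below is an added example, not part of either poster's message, that audits the static permissions of a Flatpak app for exactly that. It reads text in the format printed by `flatpak info --show-permissions APP` (the app's `[Context]` section) from stdin, so it can be run offline against a saved listing; the two sample listings embedded here are constructed for illustration, not taken from any real package.

```shell
#!/bin/sh
# Added example (not from the original thread): flag Flatpak apps whose
# static permissions grant the whole home directory or the host filesystem.
# Input: the output of `flatpak info --show-permissions APP` on stdin.

# Print the over-broad filesystem grants found in a permissions listing.
# Returns 0 if any of home/host/host-os/host-etc is granted, 1 otherwise.
broad_fs_grants() {
    # Take the filesystems= line, split on ';', keep the whole-home/host ones
    # (optionally suffixed with :ro, :rw or :create as Flatpak allows).
    grants=$(grep '^filesystems=' | cut -d= -f2- | tr ';' '\n' \
             | grep -E '^(home|host|host-os|host-etc)(:ro|:rw|:create)?$') || true
    [ -n "$grants" ] || return 1
    printf '%s\n' "$grants"
}

# Constructed sample: a browser flatpak that was handed all of $HOME.
SAMPLE_BROAD='[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=dri;
filesystems=home;xdg-download;'

# Constructed sample: the same app restricted to its download directory.
SAMPLE_TIGHT='[Context]
shared=network;ipc;
sockets=wayland;pulseaudio;
devices=dri;
filesystems=xdg-download;'

# Report on one listing passed as a string; exit status 1 means over-broad.
audit_listing() {
    found=$(printf '%s\n' "$1" | broad_fs_grants) || true
    if [ -n "$found" ]; then
        echo "over-broad: grants $(printf '%s' "$found" | tr '\n' ' ')"
        # Remediation on a real system (user-level override, app id assumed):
        #   flatpak override --user --nofilesystem=home org.example.Browser
        return 1
    fi
    echo "ok: no whole-home or host filesystem grant"
}

# Stand-alone run: audit both constructed samples.
if [ "${1:-}" = "--demo" ]; then
    audit_listing "$SAMPLE_BROAD" || true
    audit_listing "$SAMPLE_TIGHT"
fi
```

On a live system the same function is fed directly, e.g. `flatpak info --show-permissions org.example.Browser | broad_fs_grants`; a non-zero exit means the app can read and write everything under the user's home, which is the condition the thread is objecting to.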