chroot a few apps

sktsee sktsee at
Sat Jan 9 17:24:00 UTC 2010

On Sat, 2010-01-09 at 10:26 +0100, Vadkan Jozsef wrote: 
> Hi.
> What kind of chroot should I use, if I want to make a more secured
> desktop, running e.g.:
> pdf reader
> webbrowser
> audio player
> video player
> openoffice
> picture viewer
> mua
> ooo
> virtualbox
> e.g.: if theres a javascript vulnerability in google chrome [I haven't
> heard a NoScript extension for it :( ] a chroot would be good for
> stopping it from doing something bad with the whole system.
> or e.g.: I have to open a .doc file, that I don't trust, or a PDF can
> contain malicious code :(
> Any tips/docs/howtos?
You may want to investigate Apparmor and/or SELinux to set mandatory
access control security policies for various applications. Apparmor is
already present on default installations of Ubuntu, though only running
in audit mode. Plus, there is a package in universe that contains many
more profiles for commonly used applications that supplement the ones
already installed.


More information about the ubuntu-users mailing list