non-snap version of FF under Ubuntu 22.04?
Volker Wysk
post at volker-wysk.de
Fri Apr 28 16:21:38 UTC 2023
Am Freitag, dem 28.04.2023 um 14:43 +0200 schrieb Oliver Grawert:
> hi,
> Am Freitag, dem 28.04.2023 um 12:34 +0200 schrieb Volker Wysk
> >
> > I've looked at Oliver's comments, but what would that security
> > reasons be? I
> > don't know for sure, but I would be surprised if a non-local web
> > page, which
> > is loaded by a browser, could access any local files.
> >
> > If this indeed is the case, then of course it would be a security
> > flaw. But
> > then the root of the problem should be addressed, not the whole
> > browser
> > restricted.
>
> indeed browsers *should* be safe by default and javascript should run
> sandboxed in mozjs in firefox, but i guess you have been a computer
> user for long enough to know that bugs exist everywhere all the time
> ... and some of them *are* security holes and go unnoticed for years.
>
> adding extra security around this is simply preventing such bugs to be
> as serious as if there would be no policy, especially for something
> like a browser that has to deal with really badly protected or badly
> programmed (or even intentionally bad behaving) websites all day.
That makes sense. But the Snap sandboxing of Firefox is so tight that it
seriously affects usability. I'm wondering if the rules for file system
access can be customized and relaxed somehow.
Cheers,
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20230428/b4952511/attachment.sig>
More information about the ubuntu-users
mailing list