Bug 1756236 Comment 4 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise)

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Defense in depth.

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Because of the above, it's defense in depth.

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Because of the above, it's defense in depth. (I think there's experimental patches to also used PID isolation, somewhere...)

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Because of the above, it's defense in depth. (I think there's experimental patches for PID isolation, somewhere...)

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Because of the above, it's defense in depth. (I think there's also experimental patches for PID isolation, somewhere...)

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Because of the above, it's defense in depth. (I think there's also experimental patches for PID isolation, somewhere...)

>BTW: after latest debian release enabled user namespaces by default there is no major linux distro which disables them.

Ah, that's cool. Arch (and derivatives) was another holdout.

>If ff can't access both then how it creates its sandbox, i.e. how it's limiting file, network and other resource access per process?

We intercept the syscalls via seccomp-bpf.

>The wiki says ff "Uses Unprivileged User Namespaces (if available)" but for what exactly namespaces are used for?

chrooting (which would require a setuid binary otherwise), and also IPC and network isolation for processes where that is possible. Because of the above, it's defense in depth. (I think there's also experimental patches for PID isolation, somewhere...)

>BTW: after latest debian release enabled user namespaces by default there is no major linux distro which disables them.

Ah, that's cool. Arch (and derivatives) is/was another holdout.
