DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 6th November 2010
guitarscn guitarscn is offline
Package Pilot
 
Join Date: Oct 2008
Posts: 166
Default How useful/practical is this for Firefox?

Quote:
firefox for paranoid people.

If firefox has a separate useraccount you can still browse the
internet but if firefox gets hacked it won't affect the contents
of your homedir, or rather the safety of your data.

So how do you set that up:

1) Make a useraccount for firefox:

$ sudo groupadd browser
$ sudo useradd -m -s /usr/local/bin/firefox-rc -g browser firefox


2) Add a line like this line with visudo:

han ALL=(ALL) NOPASSWD: /usr/bin/su - firefox


3) Copy your ~/.mozilla, your ~/.gtk* and ~/.font* ~/.Xdefaults to ~firefox

$ sudo cp -R ~/.mozilla ~/.gtk* ~/.font* ~/.Xdefaults ~firefox


4) Create a tmpdir for firefox

$ sudo install -d -m 700 ~firefox/.tmp


5) Set the right ownership for the firefox homedirectory.

$ sudo chown -R firefox:browser ~firefox


6) Save this script as /usr/local/bin/firefox-wrapper

#!/bin/sh
PATH=$PATH:/usr/X11R6/bin
FOXBIN=/usr/local/bin/firefox

if ! pgrep -x $FOXBIN; then
xhost +si:localuser:firefox
sudo /usr/bin/su - $FOXBIN &
fi


7) Save this script as /usr/local/bin/firefox-rc

#!/bin/sh
export DISPLAY=:0.0 LC_ALL=en_GB TMP=~/.tmp TMPDIR=~/.tmp
xrdb -load ~/.Xdefaults
/usr/local/bin/firefox


8) Give the scripts the right permissions.

$ sudo chmod 755 /usr/local/bin/firefox-rc
$ sudo chmod 755 /usr/local/bin/firefox-wrapper


9) Run the script. If things go wrong run it from an xterm to see
what happens.

$ firefox-wrapper
I think the instructions might differ a little for OpenBSD, but in general is this method something that's worth it?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Firefox page too big wokko NetBSD Package System (pkgsrc) 5 1st June 2010 04:18 PM
Firefox history J65nko News 0 4th May 2010 10:40 PM
linux-firefox 3 cmcgoat FreeBSD Ports and Packages 1 8th September 2008 07:06 PM
firefox darken FreeBSD General 5 27th July 2008 11:01 PM
Upgrading firefox to firefox 3 -keeping plugins+bookmarks kasse FreeBSD Ports and Packages 11 5th July 2008 01:34 PM


All times are GMT. The time now is 11:35 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick