On 2020-03-04 01:06, whistlez...@riseup.net wrote: > in the following message: > https://marc.info/?l=openbsd-misc&m=158110613210895&w=2 > Theo discourages to use unveil instead of chroot. > I asked if he suggests the same for the browser but he asked that chroot > is onlye for *root*.
I thought that he was quite clear in the context of a privilege separated daemon in "discouraging" carte blanche replacement of all chroot cases (chroot is simpler and has been found secure without issue when done correctly on OpenBSD for a long time and so is being conservative). He even replied to the browser question in your link! If Theo has some concerns about complexity in unveil then I am sure he would be worried sick if implementing the Linux equivalents. > Then what should I do to hardening the most exposed piece of code that > we use everyday ? > Now I'm using unveil+chrome... Javascript is probably your biggest threat and unveil will help but by "STUPID CRAZY DESIGN!" it is permitted to do a great deal more, than it should be. Nothing can protect you very well from something designed like that, except prudence! Chrome/Firefox are unveiled on OpenBSD, so isolate your browsing (umatrix for javascript or separate hardware) or only visit trusted sites if you must. Html email is "arguably" more of a risk, as the html comes to you, though javascript and even links are sometimes disabled, so perhaps it isn't. Not sure if Thunderbird has the unveil support that Firefox has recently had endowed upon it.
