any one using arkose Sandbox

arkose Sandbox i am just wondering

althoe gui didnt work for me

i tried it with firefox and pidgin

http://www.youtube.com/watch?v=xmpx7gSXM8g

 

I've used it before but I couldn't find any whitepapers on it's security so I gave it up. Can anyone vouch for how secure it is? If I have time I may try and audit it with some attacks.

 

Arkose is based on LXC containers if I remember correctly.

https://en.wikipedia.org/wiki/Lxc

 

Thanks. Since I know you know linux security really well, would you reccomend using LXC containters or just sticking with good old apparmour?

 

LXC containers are like Chroots on steroids. But, like Chroots, they're not meant for security even if they can be easily used for it. Apparmor is made for it, seems safer to me. Containers have advantages but IMO nothing you can't do on your own (you can set up namespaces for applications yourself).

https://wiki.ubuntu.com/LxcSecurity

 

LXC is supposed to be fairly secure for limited users, IIRC; but anyone who can gain root access in an LXC container can most likely break out.

 

So is it worth it or not? Security wise I mean.

 

I don't think it's worth it yet.