Firefox as its own user: questions

Discussion in 'all things UNIX' started by Gullible Jones, Jul 4, 2012.

Thread Status:
Not open for further replies.
  1. I know SELinux or AppArmor is a better approach, but I'm interested in how much can be done with the normal UNIX DAC system. I already know how to make Firefox run as its own user, using su, xhost, and a user belonging only to its own group, but I have some questions on how to improve this.

    1. What's the best way to start Firefox as its own user automatically?

    I'm guessing using the suid bit is not it, since you might wind up running Firefox as root if the package manager changes the permissions.

    2. Is there a better way to use xhost or such?

    AFAIK I have to run xhost in my users profile script, or wherever, to allow connections to the X display from Firefox's dedicated user. Is there a better way to handle this?

    (The best I can think of right now is adding a new group, and running xhost from /etc/profile for users in that group. Seems like a bit of a kludge though.)

    Also, how much of a security hazard is it to allow local connections from the new user?

    3. Is there any way to make this Firefox setup safe for multiuser systems?

    The problem on a multiuser system is that, with Firefox running as its own user, everyone using it has access to other people's profiles, sessions, and downloaded files. That is really really not good. Is there a way to avoid this situation without having a million different profiles for limited Firefox users? Am I correct in suspecting that it would require the use of ACLs, or is it just not possible?
  2. BrandiCandi

    BrandiCandi Guest

    Are you just playing around to get a handle on permissions and groups/users? Because if it's only about the end result then like you said, selinux & apparmor are a much better way to go. But if it's about the process of learning about groups then I'm really interested to hear what you come up with.

    I've been studying permissions & groups myself and I can tell you that suid is NOT the way to go like you said. From this guide, "SUID and SGID programs can be dangerous. They are not usually needed. SUID and SGID scripts are incredibly dangerous and can easily allow evil-doers super-user access to your system!! Never allow a SUID or SGID writable program on you system for even a minute!" LOL, a bit melodramatic but probably true.
Thread Status:
Not open for further replies.