[In the news] Run Applications in Secure Sandboxes with SELinux

Rahul Sundaram metherid at gmail.com
Mon Nov 22 07:51:49 UTC 2010



"SELinux runs a Firefox in a restricted session that doesn't have access
to rest of the system. That includes the X session. Firefox will run in
a nested X server (Xephyr), and you won't be able to even copy & paste
from or to the Firefox session and other apps. /But/, it also means that
Firefox is totally restricted from reading any other files on your
system and that malicious Web pages or attacks on plugins like Flash are
sandboxed as well."


More information about the marketing mailing list