In association with heise online

23 September 2009, 10:39

Fedora 12 demonstrates sandbox for desktop applications

Security-Enhanced Linux (SELinux) specialist and Red Hat developer Dan Walsh has souped up the security mechanisms in Fedora and SELinux by adding a desktop sandbox which he's calling "sandbox -X". Users can run desktop applications of their choice inside his sandbox, which then protects the underlying system from any possible damage.

Figure: Fedora 12. A browser started inside the sandbox is unable to damage the host system.

SELinux extends the standard Unix privileges concept to add a role-based privilege model which, in principal, allows a user to forbid a PDF viewer from, for example, sending email. Currently, however, SELinux is mainly used to wall off server services.

Dan Walsh is now looking to change this and has designed a desktop sandbox. This can, for example, be used to run Firefox in an isolated environment consisting of temporary directories, its own X server instance – for which he uses Xephyr – and a special profile which defines the relevant privileges. Currently the sandbox must be started manually, for example with:

sandbox -X -t sandbox_web_t firefox

Sandbox -X is already in Fedora 12, scheduled for a November release, so interested users can already have a play. It is, however, likely to be a while before it becomes genuinely user-friendly, with the sandbox currently forgetting all user settings each time it is run and also being unable to copy and paste into the host system.
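As an added illustration (not code from the article or from Dan Walsh's sandbox itself), the following POSIX shell wrapper launches a browser with the invocation shown above but first checks that SELinux is actually enforcing, since in permissive mode the sandbox_web_t type is only logged and the isolation described here would be a no-op. The -X and -t options are the ones shown in the article; the optional -H home directory, which lets a user keep browser settings between runs instead of losing them each time, is assumed here from later policycoreutils-sandbox releases and is not mentioned in the article.

```shell
#!/bin/sh
# Added example, not part of the article: a launcher wrapper around "sandbox -X".
# It refuses to start when SELinux is not enforcing, because then the sandbox
# type (sandbox_web_t, from the article) would be logged rather than enforced.
# The -H option (persistent home directory) is an assumption about later
# sandbox releases; the article's own invocation uses only -X and -t.

# Report the SELinux mode as one word: enforcing, permissive or disabled.
selinux_mode() {
    if [ -r /sys/fs/selinux/enforce ]; then
        case "$(cat /sys/fs/selinux/enforce)" in
            1) echo enforcing ;;
            *) echo permissive ;;
        esac
    elif [ -r /selinux/enforce ]; then   # older mount point, as used on Fedora 12
        case "$(cat /selinux/enforce)" in
            1) echo enforcing ;;
            *) echo permissive ;;
        esac
    else
        echo disabled
    fi
}

# Build the sandbox command line without running it (dry runs, self-checks).
# $1 = sandbox type, $2 = persistent home directory or "" for a throw-away
# one, remaining arguments = program and its arguments.
build_sandbox_cmd() {
    type="$1"; home="$2"; shift 2
    cmd="sandbox -X -t $type"
    [ -n "$home" ] && cmd="$cmd -H $home"
    echo "$cmd $*"
}

# Launch a program inside a confined X sandbox, refusing when confinement
# would not actually be enforced or the sandbox tool is missing.
sandbox_launch() {
    type="$1"; home="$2"; shift 2
    mode=$(selinux_mode)
    if [ "$mode" != enforcing ]; then
        echo "refusing: SELinux is $mode, type $type would not be enforced" >&2
        return 1
    fi
    command -v sandbox >/dev/null 2>&1 || {
        echo "refusing: sandbox(8) not installed (policycoreutils-sandbox)" >&2
        return 1
    }
    if [ -n "$home" ]; then
        exec sandbox -X -t "$type" -H "$home" "$@"
    else
        exec sandbox -X -t "$type" "$@"
    fi
}

# Usage: ./sandbox-launch.sh firefox                       (throw-away home)
#        SANDBOX_HOME=$HOME/.sandbox-web ./sandbox-launch.sh firefox
# Only launches when the script is run under this name, so the functions
# can also be sourced and tested without starting anything.
if [ "${0##*/}" = sandbox-launch.sh ]; then
    sandbox_launch sandbox_web_t "${SANDBOX_HOME:-}" "$@"
fi
```

With no SANDBOX_HOME set the wrapper reproduces the article's command exactly; the enforcing check is the part worth keeping even once the sandbox gains a graphical front end, because a sandbox that silently runs unconfined is worse than none.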

(crve)

