[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: keybase.io

Enrico Zini <enrico@enricozini.org> writes:

> ssh -X or -Y to a remote host, then run X apps.

Which requires that host allow remote logins, which creates a different
sort of security issue.  Also, tunneling a web browser over X is an
unbelievably painful experience.

> I've recently got worried about common practices I see around me, and
> started considering running a "Hardening Debian Development" BOF at the
> next Debian event I'm going to participate. The intention would be to
> see how to address those issues, but with a strong awareness on
> usability[5].

If someone would write up a good step-by-step guide for how to isolate
one's web browser in a VM running on the same host, so that you can still
get reasonable display performance but have a real separation boundary
between the web browser and the rest of the system, I for one would be
extremely grateful.  The same technique would work for things like Skype.

I'm sure it's possible, but I don't know enough about the various
virtualization systems to be able to figure it out quickly, and I've yet
to get interested enough to spend several days figuring out a method.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: