Do you run your browser in a sandbox? Is it recommendable?
Yes, as long as it's open source.
I don't.
>>57551620
Just out of interest, if you're not doing any webdev, what's the point of running a browser inside a browser?
Edge runs in its own VM
I use firejail, basically it protects all your shit if the browser gets compromised. Since I don't visit shady sites not sure I really need it though. You can configure it to block a lot of different content, so some might find it useful.
>>57551620
I'm running chromium --no-sandbox...
But in a docker container, so I'm quite well isolated.
>>57551620
>sekibanki
>rope
>>57551712
*Only on Enterprise/Education versions. It uses Virtualization based security which home and pro users does not have.
Many articles simply say consumers are better off with windows 10 since edge is more secure in this aspect(virtualization) but they do not have access to it in reality, unless they get Windows 10 Education or Server 2016 through dreamspark or buy an enterprise subscription.
>>57551712
No it doesnt, and thats why it's a major security risk. Only enterprise versions of Windows run edge in a VM IF you configure it first(off by default).
>>57551620
Chrome sandboxes everything by design, not sure about firefox.
>>57551665
Inception
>>57551620
Nope. Only faggots do that kind of shit.
>>57551712
It actually doesn't, you're able to get root access to someones computer through that browser.
>>57553099
So it IS necessary. Shold I use docker, firejail or manually configure SElinux?
>>57554806
Switch to FreeBSD and use Opera in a jail, since, sadly, jails don't support any real browsers ATM.
Firejail is pretty good too if you want to do things the easy way.