Frothy Coffee!
Unless I misunderstand you host and guest are on the same machine.
fwiw, and as another option,
I run multiple VMs at the same time on different virtual desktops,
accessing their desktops via virt-viewer,
switching between them / their virtual desktops with a mouse roll.
Two of these VMs have Thunderbird clients accessing different classes of email.
The VMs are clones so easy to set up as many as I need.
Was fast under Virtualbox and is equally fast under virt-viewer/libvirt/qemu/kvm.
Last edited by undecidable; 1 Week Ago at 07:12 AM.
Just Give Me the Beans!
Firejail is a setuid-root program. An exploit of it is going to lead to existential consequences.Originally Posted by TheFu
https://www.cvedetails.com/vulnerabi...-Firejail.html
A capable adversary literally just has to send you an email (you don't even have to open or interact with it) to get root on your system.
So I basically want to isolate and containerize all such programs which receive and execute untrusted code from strangers all day.
I just can't figure out why the performance of X over SSH on localhost is so miserable.
eat, ride, sleep, repeat
Not to argue here, and I just can't imagine that exploit as an easy task by an attacker, seems to me you would at some point have to help the attacker.
Exploit prediction scoring system (EPSS) score for CVE-2022-31214
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 %My version seems to be fixed: firejail --versionA Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.
firejail version 0.9.72
Please Note, I don't use Thunderbird personally.
I do understand your concerns though. I kind of subscribe to "Do I feel safe enough" knowing all the while nothing is bullet proof.
I also run heavy security audits bi-monthly.
But I wish I could help with your performance over X.
Interesting Thread please keep us updated.
Last edited by 1fallen; 1 Week Ago at 04:19 PM.
With realization of one's own potential and self-confidence in one's ability, one can build a better world.
Dalai Lama>>
Code Tags | System-info | Forum Guide lines | Arch Linux, Debian Unstable, FreeBSD
<--- Run xman to see that window.
localhost? That seems like it wouldn't work. Every VM has a different idea about "localhost". 127.x.x.x/8 is localhost, by definition.
Since I've been running my own email servers 25+ yrs, I doubt any badness will arrive. My gateway blocks emails from huge parts of the world. I never see them. Sometimes that can cause problems. Usually less than 1-2 times a year. Last week, a contractor send a proposal for work using a 3rd party email that I had gotten nasty spam messages through about 5 yrs ago. Back then, I blocked all emails from that domain. A slight hassle for them and for me, but we worked it out. That's before the email even hits my email server. Then my clients are setup to only show 7-bit ASCII, so anything else, especially HTML/mime email just shows up blank. The SMTP standards REQUIRE 7-bit ASCII as the main email and allow for attachments.
A few minutes ago, I saw a spam email for watches ... from 103.70.114.0/23 MOZ TECHNOLOGY JOINT STOCK COMPANY. That domain is in Vietnam. Blocked now through an ipset rule. I never expect to deal with them ... ever. They allowed a client to become a spammer. 1 time, is too many.
Anyway, I've never been hacked via email. Not once. But I don't open attachments, especially PDF files, unless they are expected.
My mother was hacked through an email message on WinXP. The spearfishing targeted her perfectly. New Baby Photos from a granddaughter's email who just had a baby less than a week earlier. No mother/grandmother could have resisted opening that email or the attachments. She knew immediately that something was wrong and pulled the power cord from the wall. It was too late. I moved her to Linux a few months later. She had great fear of Linux because she'd seen my minimal desktop. For 10+ yrs before, I'd had her using Firefox, thunderbird, and OpenOffice already, so it was less about a new OS and more about seeing the same applications she'd been using already. Afterwards, she was running Ubuntu with LXDE and the icons for her programs on the side-bar. Additionally, I setup constant backups (hourly via Back-in-Time) and weekly off-site pulled backups to my home for the most critical stuff. There were a few MS-Windows-only programs, which we solved with an App Window into a VM. She didn't need to know anything about a hypervisor.
We also moved her email from the ISP over to a domain run by a brother-in-law. My family has a number of computer nerds with admin experience.
First Cup of Ubuntu
I just created an account to reply: I'm trying to achieve the same as currentshaft : Not for myself, but for an office full of cavemen with zero tech knowledge. They've already been hacked through malicious emails, and even if they attend a thousand courses on good computer practices I won't sleep well...
Virtualizing email client and making them remotely use it seems a nice way to keep nastiness contained.
<--- Run xman to see that window.
For cavemen,
- No attachments.
- 7-bit ASCII email only. No MIME attachments.
Period.
Just Give Me the Beans!
That won't prevent thunderbird, or frankly most software made to executed untrusted code, from getting owned.
Like I said, a skilled adversary needs only to send you an email message - you do not even have to open or click on anything in it to get owned.
By the way, I'm doing this on a 4K display (2880x1800 resolution) - perhaps that explains the awful X11 SSH forwarding performance? If I scale the window down to be barely legible, it performs much better
eat, ride, sleep, repeat
+1 Period
With realization of one's own potential and self-confidence in one's ability, one can build a better world.
Dalai Lama>>
Code Tags | System-info | Forum Guide lines | Arch Linux, Debian Unstable, FreeBSD
<--- Run xman to see that window.
Do you have a link for this attack on Linux? I've never heard nor seen it.
On Android and iPhones, where we don't have control, I can see it and on MS-Windows where they have MS-DOS and Win3 image handling complete with bugs, I can see it happening, but not in Linux. I've searched and find nothing.
How can an email own a system when the client is running as a normal user? To that, I'd say stop using root for email.
Now, if someone clicks a link in a message or opens an attachment, then I can see owning the account, but not the system.
Just Give Me the Beans!
By processing documents and code crafted to trigger vulnerabilities leading to privilege escalation and remote code execution.
The root boundary on Linux is trivial to cross and provides very little security guarantees.
As for examples of zero click payloads, they are rare since most are used by advanced capable threat actors, however you can look up "Sophail" research to see one. Now, that was against a anti-virus program, but it was also 10+ years ago - attackers have been more capable, and software has only gotten worse.
Last edited by Frogs Hair; 3 Days Ago at 12:12 AM. Reason: Language Filter
Posting Permissions
Adv Reply
Bookmarks