(regex "^/Users/user_name/Library/Preferences") (regex "^/Users/user_name/Library/Application Support/Firefox") (regex "^/Users/user_name/Library/Application Support/Mozilla") (allow file-write* file-read-data file-read-metadata First, create the following file and save it somewhere as firefox-sandbox:
#Com apple safari sandboxbroker download
There is only write permission to the ~/Downloads directory, so if you want to save files in a different location, you will have to change the firefox-sandbox file or move them after the download has finished. If you have issues, you'll have to search for the directories where your plug-ins are housed, and give read or read/write access permissions in the firefox-sandbox file. It has some limitations, but my plug-ins and add-ons work though yours may not. There isn't a lot of documentation available on the sandboxing system, but I've successfully been able to sandbox Firefox. OS X has a built-in sandbox feature for applications, which can restrict their access to certain parts of the system. You may run fseventer or dtrace (Mac OS X) or other tools (Win/Linux) without interference of your real OS.Īnother possibility is outlined here in an article from 2010.You may detect any impact on the file system safely by comparing the mounted vanilla and infected volume (in read only mode).Use an arbitrary OS/browser combination (a lot of malicious websites often attack special combinations e.g.Using the snapshot/clone features you may always revert to the original vanilla state. I recommend a VM with the OS and the browsers of your choice.
0 kommentar(er)
