[Discuss] memory management

Bill Bogstad bogstad at pobox.com
Sun Jun 21 11:57:06 EDT 2015


On Sun, Jun 21, 2015 at 4:19 PM, Richard Pieri <richard.pieri at gmail.com>
wrote:

> On 6/21/2015 9:18 AM, Bill Bogstad wrote:
>
>> I use multiple Firefox user profiles instead. Some of them allow
>> cookies/javascript and others do not.
>> This probably doesn't help memory usage, but it does allow some (small?)
>> security benefits.
>>
>
> Or use a script blocker like NoScript or uBlock. These offer significant
> security benefits and significantly reduce memory footprint.
>

I do that as well. Some of my Firefox profiles have NoScript and others
do not. I have a "junk" profile which has nothing installed, but allows
everything, but discards all history/cookies/etc. when I exit it.


>
>> I'm curious though, how this other user account gains access to your X
>> server. Allowing other user ids to write on your screen/capture key &
>> mouse events seems to me to be a potential issue.
>>
>
> May need to use xhost to allow the second user access to the X server,
> something like this:
>
> xhost +SI:localuser:myffuser
> sudo -u myffuser /usr/bin/firefox
> xhost -SI:localuser:myffuser
>
> It's not an issue on a single user box; it's the same user (human) with a
> different UID.
>

This is where I disagree. If it doesn't increase security over using the
same UID, why bother? And I'm not sure it really increases security all
that much. For example, breaking out of a browser to run arbitrary code
on the same box as my "real" user id is still a potential security problem.
Any OS level bugs that aren't network exploitable are now in play. A bit
like having a guest account on the machine. Not something that most people
do anymore.

Second, if that user id has the privileges to pop up windows on the same X
server as my "real" user id, I might get spoofed, have my screen or even
possibly my keystrokes captured. It will depend on how my X server is
set up (and its security). While it isn't a bad idea to run the browser as
a different user, I think it is more like a speed bump or a chain link
fence than a vault door. Better might be a chrooted environment, Linux
container (Docker?), or even VM.

Now, I have to say that I'm not paranoid enough to bother with this. I
guess it depends on why you do it. If it is for user tracking control, I
think different user profiles are sufficient. If the intent is better
security, I'm not sure it is an improvement.

Bill Bogstad
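
Added example, not part of the original message: a small audit of the X server access list, so that a grant like the `xhost +SI:localuser:myffuser` quoted above does not stay in place unnoticed. It assumes the listing format printed by `xhost` with no arguments; the session owner name "bill" and the sample listing are constructed.

```shell
#!/bin/sh
# Audit an X server access list as printed by `xhost` with no arguments.
# Usage: xhost | audit_xhost "$(id -un)"
# Prints one line per grant that widens access beyond the session owner
# and returns non-zero if anything was flagged.
audit_xhost() (
    owner=$1        # login name that owns the X session
    findings=0
    flag() { echo "$1"; findings=$((findings + 1)); }
    while IFS= read -r entry; do
        case $entry in
            "access control enabled"*|"") ;;
            "access control disabled"*)
                flag "CRITICAL: access control is off, every client that can reach the display is trusted" ;;
            "SI:localuser:$owner") ;;   # the owner's own grant is expected
            SI:localuser:*)
                flag "WARN: UID '${entry#SI:localuser:}' can open windows on this display and may be able to capture input" ;;
            SI:localgroup:*)
                flag "WARN: every member of group '${entry#SI:localgroup:}' has display access" ;;
            LOCAL:*)
                flag "WARN: all local (non-network) clients have display access" ;;
            *)
                flag "WARN: host-based grant '$entry'" ;;
        esac
    done
    [ "$findings" -eq 0 ]
)

# Constructed sample: the state left behind if the closing
# `xhost -SI:localuser:myffuser` is never run.
sample='access control enabled, only authorized clients can connect
SI:localuser:bill
SI:localuser:myffuser'
printf '%s\n' "$sample" | audit_xhost bill || true
```

On a live session, `xhost | audit_xhost "$(id -un)"` checks the current display.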


