So Fedora 12 has a convenient sandbox for running Firefox and other apps. Chrome runs sandboxed. And Windows 7 can even run IE sandboxed (allegedly). But in trying to find an easy, ready-to-go sandbox for Ubuntu and Arch I didn't find anything. Given that Firefox loads Flash, Java, and other third-party plugins with long exploit histories, I think this is an important ability.
For those who aren't familiar, a sandbox runs an app with limited access to system resources. For example, Firefox running in a sandbox would only be able to access a limited subset of the filesystem: only the folders you include in the sandbox. Any processes Firefox spawns, such as the Java and Flash plugins, inherit the same limits.
There are full (over-)blown solutions for this, such as AppArmor, SELinux (which is how Fedora apparently accomplishes it), and others, but none of them is ready to go without configuration. (Plus, I personally don't put a lot of trust in Novell or SELinux.) And I trust Google with my private data as much as I trust Microsoft, so Chrome is nothing I want anything to do with. The lack of options led me to develop Sandfox, which is designed to be easy to use and also flexible.
In the easy department, you can install Sandfox and have Firefox running in a sandbox with one command:

    sudo sandfox firefox

In the flexible department, any app can be run sandboxed, either sharing a single sandbox or using one for each program, based on profiles you can create.
Sandfox is written in pure bash and uses only core Linux commands to create a chroot jail for Firefox. I wrote this primarily for my own use (and I'm writing this post from a sandboxed Firefox) but I'm sharing it because I think it fills a niche for a ready-to-go app sandbox. I'll let you review the website for the additional details. If you have any questions feel free to ask.
    Usage: sandfox [OPTIONS] [COMMAND [ARG]...]

    Runs COMMAND as a normal user within a chroot jail sandbox with limited
    access to the filesystem. Supports profiles for apps and includes a default
    Firefox profile. Must be run as root when creating a sandbox.

    Examples:
      sudo sandfox firefox        # Runs Firefox in a sandbox
      sudo sandfox bash           # Shell to explore a sandbox

      --bindro TARGET         Include TARGET (a file or folder) in the sandbox,
                              bind-mounting it as a read-only filesystem
      --bind TARGET           Include TARGET (a file or folder) in the sandbox
                              with the same ownership and permissions when possible
      --copy TARGET           Place a disposable copy of TARGET (a file or folder)
                              in the sandbox
      --hide TARGET           Include TARGET (a file or folder) in the sandbox
                              by bind-mounting an empty file or folder onto it.
                              Effectively hides the real TARGET from the sandbox;
                              also provides a writable dummy folder
      --profile PROFILE       Load PROFILE (a profile name or pathname). By
                              default profiles are stored in /etc/sandfox
      --make                  Force creation or update of a sandbox (make is
                              implied if you specify binds or profiles)
      --sandbox NAME          Specify name of sandbox to use, create, or update
      --close NAME            Unmount and remove sandbox NAME
      --closeall              Unmount and remove ALL sandboxes
      --status                Show the status of all current sandboxes
      --shell                 Run COMMAND in a shell and wait. Requires root.
                              (bash is always run in a shell)
      --user USERNAME         Run COMMAND as USERNAME in the sandbox; useful if
                              auto-detection does not work or to override it
      --profilefolder FOLDER  Use FOLDER instead of the default profile folder.
                              IMPORTANT: should be root owned & write-protected
      --logfile LOGFILE       Also append messages to LOGFILE. sandfox daemons
                              will also update this file provided it is
                              accessible from within the sandbox.
      --verbose               Provide detailed feedback
      --quiet                 Minimize output messages

    NOTES: OPTIONS must precede COMMAND; you can also use OPTION=VALUE; binds are
    processed in this order: bindro, bind, copy, hide; missing binds are ignored;
    if a profile for COMMAND exists it will be automatically loaded; the default
    profile is always loaded; profiles may contain any options valid on the
    command line; if COMMAND is omitted, a sandbox will be created for use.